Cisco Blogs

Cisco Blog > Data Center

Securing Cloud Transformation through Cisco Domain Ten Framework v2.0

Businesses of all sizes are looking for Cloud solutions to solve some of their biggest business and technology challenges—reducing costs, creating new levels of efficiency, transform to create agile environment and facilitate innovative business models. Along with the promise of Cloud comes top concern for Security. With rise of applications, transactions and data in the Cloud, business are losing control and have less visibility on who and what is moving in and out of the business boundaries. 

Any  transformation initiative with Cloud, whether a private, hybrid or public, with early focus on security from architecture, governance, risks, threats and compliance perspective can enable the business with a compelling return on investment with a faster time to business value – regardless of geographic, industry vertical, operational diversity or regulatory needs.

Here, I would like to bring to your attention on Cisco Domain Ten framework v2.0 and my blog on What’s New in Cisco Domain Ten Framework 2.0 that is born from Cisco’s hard won experience of deploying both private, hybrid and public Cloud environments, Cisco has developed the Cisco Domain Ten framework and capabilities to help customers accelerate IT transformation.

The Cisco Domain Ten does not prescribe that customers must build each domain into their strategy – rather it provides guidance on what aspects should be considered, what impacts should be identified, and what relationships exist between domains.  Cisco Domain Ten framework 2.0, we can establish the foundation of a true IT transformation and the factors you need to consider for success. Key is to identify, establish and track strategic, operational and technological outcomes for IT transformation initiates. A major thrust of the Cisco Domain Ten is to help customers strategize for transformation vision, standardize their technology components and operational procedures, and automate their management challenges, to deliver on the potential of IT Transformation– covering Internet, Branch, Campus and Data Center environments.

Security consistently tops CIO’s list of cloud concerns. The security domain highlights identification of security and compliance requirements, along with an assessment of current vulnerabilities and deviations from security best practices for multisite, multitenant physical and virtual environments for one’s IT transformation vision.

Security should be a major consideration in any IT transformation strategy. The architecture should be designed and developed with security for applications, network, mobile devices, data, and transactions across on-premise and off-premise solutions. Moreover, security considerations for people, process, tools, and compliance needs should be assessed by experts who understand how to incorporate security and compliance safeguards into complex IT transformation initiatives.

Security is an integral part of the Cisco Domain Ten framework, applies to all ten domains, and provides guidance to customers on all security aspects that they needs. Our Senior Architect from Security Practice – Ahmed Abro articulates well in Figure – 1 Cisco Domain Ten Framework with Security Overlay that there are security considerations for all ten domains for Cloud solutions.


Figure – 1 Cisco Domain Ten with Security Overlay

Now that we understand how Cisco’s Domain Ten Overlay approach that helps one to discuss security for each domain of Cisco Domain Ten Framework, let’s now talk about the how Cisco Domain Ten aligns with Cloud Security Alliance’s (CSA) Cloud Control Matrix to discuss the completeness and depth of the approach.

CSA Cloud Control Matrix Alignment with Cisco Domain Ten

Application & Interface Security

  • D-8 – Application

Audit Assurance & Compliance

  • D-10 – Organization, Governance, processes

Business Continuity Mgmt & Op Resilience

  • D10 – Organization, Governance, processes

Change Control & Configuration Management

  • D10 – Organization, Governance, processes and
  • D-3 – Automation

Data Security & Information Lifecycle Mgmt

  • D-9 – Security and Compliance

Datacenter Security Encryption & Key Management

  • D-9 – Security and Compliance and
  • D-1 – Infrastructure

Governance & Risk Management

  • D10 – Organization, Governance, processes

Human Resources Security

  • D10 – Organization, Governance, processes

Identity & Access Management

  • D-4 – Customer Interface

Infrastructure & Virtualization

  • D-1 – Infrastructure and Environment and
  • D-2 – Abstraction and Virtualization

Interoperability & Portability

  • D-7 – Platform and
  • D-8 – Application

Mobile Security

  • D-8 – Application and
  • D-1 – Infrastructure and Environment

Sec. Incident Mgmt , E-Disc & Cloud Forensics

  • D-9 – Security and Compliance and
  • D10 – Organization, Governance, processes

Supply Chain Mgmt, Transparency & Accountability

  • D10 – Organization, Governance, processes
Threat & Vulnerability Management
  • D-9 – Security and Compliance

 Table – 1 CSA Cloud Control Matrix Alignment

with Cisco Domain Ten Framework

From above table, one can see that Cloud Security Alliance Cloud Control Matrix and Cisco Domain Ten aligns well and it also highlights key facts that many areas such as Mobile security requires one to focus on Application and Infrastructure (network, virtual servers), etc to address security needs. One should also note that Cisco Domain Ten’s focus on Catalog (Domain 5) & Financials (Domain 6) that highlights security specific SLA and assurance discussions for security controls.

Now that that we discussed, Cisco Domain Ten approach for Security, In the next blog, I would try to discuss how Cisco Service’s focus on the strategy, structure, people, process, and system requirements for Security can help business address an increasingly hostile threat environment and help successful migration to Secure Cloud based transformation. We will also discuss current questions in business asks or should ask to understand security and privacy in the vendor’s agreements.


Tags: , , , , , , , , , , , , , , , , , , , , , ,

Seamless Solutions for a World of Many Clouds

Considering all the hype around the cloud, it’s easy to forget that we live in a world of many clouds. Organizations can’t simply tap into a single all-powerful entity located everywhere and nowhere, all at once. In reality, they must dip in and out of a complex and often challenging array of public, private, and hybrid clouds.

But what is the future of cloud? The Internet of Everything (IoE) is driving an unprecedented explosion in connectivity — and transformation — and cloud is the key delivery system that makes it all possible. In the enterprise, cloud has already upended traditional IT consumption models, transitioning IT departments into brokers of services that are increasingly available through third-party vendors — and accessed through a variety of clouds. Facing an increasingly cloudy future, service providers are focused on moving beyond their traditional roles as telecom providers, while new players continue to enter the core markets of traditional service providers.

But how will enterprises and service providers meet the security and operational challenges of an ever-expanding and increasingly complicated cloud universe? Part of the answer lies in the industry’s evolution toward an ecosystem of cloud providers. Incorporating a cloud “brokerage” and a cloud “federation,” this ecosystem will give customers a choice of cloud solutions that meet their specific needs.

I’m happy to report that Cisco, along with some of our key partners, is helping to smooth the cloud transformation journey both on the demand (enterprise) and supply (service provider) sides.

This week we announced at Cisco Live Milan  a breakthrough hybrid-cloud solution called Cisco InterCloud, which paves the way for interoperable and highly secure public, private, and hybrid clouds.

Read More »

Tags: , , , , , , , , , , , ,

Evolving to Cloud and Hybrid IT

For a while now, I’ve been promoting that partners need to adopt a Hybrid IT business model to be successful and stay competitive in a world with more market transitions, more technologies, and more customer choices than ever before.

Customers are consuming IT differently, and line-of-business decision makers have more and more influence on IT decisions. The Internet of Everything offers tremendous opportunity, but requires a new set of services and solutions than many of our partners have offered in the past.

A Hybrid IT business model requires partners to address these market transitions; to provide traditional IT (on premise) solutions, managed services, private/public/hybrid cloud services, packaged with professional services, and offered with different SLAs and consumption models.

Embracing this model opens new opportunities for partners. It may mean expanded reach. It may mean selling into a new vertical, a new geography, or addressing new business needs within an existing customer base.

At Cisco Live Milan this week, Cisco announced the expansion of the Cisco Cloud Portfolio  with the introduction of new products and services, including a new hybrid cloud solution, Cisco InterCloud. Cisco InterCloud aims at lowering the total cost of cloud ownership and creating new pathways to secure public, private and hybrid clouds. Read More »

Tags: , , , ,

Cisco Ships Millionth IVR Port

Cisco achieved a major milestone in the interactive voice response (IVR) industry in December, 2013 as we shipped our one millionth IVR port.  This includes cumulative shipments of new ports of the award-winning Cisco Unified Customer Voice Portal, Cisco Unified IP-IVR, and IVR ports shipped with Cisco Unified Contact Center Express.  This achievement is all the more remarkable given that we’ve been in the IVR market for just ten years.  In that time we’ve also become (and remain) the world’s top IVR vendor–by a wide margin.

In addition to our success in the IVR market, Cisco continues to grow and lead in the contact center industry.  To date, we have shipped nearly 3 million contact center agent seats, providing front line business personnel with the resources needed to maintain relationships with customers.  Cisco shipped 900,000 seats in just the past two years, and over the last three years, Cisco has closed the market share gap with Avaya by nearly 10 points worldwide and by over 22 points in North America.

On average more than 2,600 businesses purchase Cisco Contact Center products each year, from small and medium-sized companies to very large enterprises in markets ranging from healthcare, finance, and education to communications, travel, entertainment, and retail.  Cisco Unified Contact Center solutions remain key components to managing multiple, simultaneous customer interactions over the phone, via real-time chat, web collaboration, social media, and email.

Our sustained success in IVR and contact center is a testament to our differentiated architecture, award-winning customer care solutions, a rich partner ecosystem, and a knowledgeable, energized sales force.

Tags: , , , ,

Cisco Extended Care Improves Patient Engagement

Cisco’s new Extended Care Solution enables patient engagement and care team collaboration at any time and from anywhere including home, office and other remote locations.  Cisco Extended Care is a new browser-based health and wellness collaboration solution platform that features ad hoc and scheduled video consults, secure messaging, customizable pre-appointment questionnaires, a video library platform and the ability to manually capture readings from personal wellness devices.

Cisco Extended Care SolutionIn addition, the solution offers open application programming interfaces (APIs), enabling users to integrate with other third-party applications and environments, such as video workflow, into their existing patient portal solution, thus protecting existing investments.

“Cisco’s Extended Care solution offers our customers a new way to cater to patient wants and needs, ultimately providing patients with a better experience and increasing their engagement and involvement with their own care,” said David Plummer, general manager, Cisco’s Care-at-a-Distance Solutions. “By allowing patients and their care teams the opportunity to connect for both ad hoc and prescheduled video consults, and by providing secure messaging capabilities and online questionnaires, our hospital and clinic customers will be able to operate in a more efficient manner.”

A recent Cisco survey showed that nearly 74% of the 1,547 respondents were open to sharing medical information online, and the majority of those patients were comfortable with the idea of communicating with doctors using technology instead of seeing them in person. This shift in consumer attitude opens up new opportunities for hospitals and clinics to increase efficiency, while at the same time providing greater continuity of care, driving wellness education and potentially lowering the cost of care delivery. With new lines of communication and an increased dialogue between patients and doctors, hospitals can hope to see lower rates of readmittance.

If you are planning to attend HIMSS14 in February, be sure to visit the Cisco booth (#1453) to see first-hand how Cisco Extended Care can help your organization streamline and improve patient care.

Tags: , ,