I pulled some workshop hosting duty trying to fill Jimmy Ray’s big orange shoes this morning. The subject is a great one – Intrusion Prevention in the Data Center with an incredibly sharp engineer, Stijn Vanveerdeghem. Stijn is one of those crazy smart security guys down in Austin, TX as he works with a bunch of old friends from the team of IDS experts we have there.
So much emphasis on the data center these days for obvious reasons and it makes sense that anytime we consolidate something valuable – there is going to be an increase in creativity for how to get to it when your not supposed to.
We do these workshops as part of our TechWiseTV shows for their interactivity and the difference in the depth we can achieve. A number of references were made as to other resources, shows we have done as well as published papers and studies. I have included all the links we brought up below.
If you missed Stijn’s presentation or would like to go back and take better notes – you can get to it at the same link you used to originally register OR I also highly recommend you bookmark ciscoworkshops.com
TechWiseTV Episodes referenced:
TWTV120 – Defending the Data Center
Couple of notable segments within this show worth looking at here:
Clustering Technology with the 5585X
IPS 4500 Series
Episode 15, Firewall Reinvention with the ASA CX, is a good show throughout – only one segment I will call out as a favorite however, a Master Class Jimmy Ray did on ‘Forensic Analysis.’ The differences between network device versus traditional computer forensics and network forensics best practices, why routers and firewalls aren’t the smoking gun, and how the Cisco Router Analysis Tool can help with your networking.
Fundamentals of IPS
Fundamentals of High End Firewalls
Couple of good pointers Scott Simkin lays out in his support of our workshop today – thank you Scott.
The 2012 Verizon Data Breach Report (pdf)
Performance of the Cisco IPS 4300 and 4500 (Whitepaper, .PDF)
Global Correlation on Cisco IPS Sensors (Whitepaper, PDF)
IPS Tech Tips – Protecting Industrial Environments:
Cisco IPS Go page: http://cisco.com/go/ips
Thanks for watching!
Tags: data center, IPS, security, TechWiseTV
The following excerpts are from an interview with Bernie Trudel, Asia Pacific Regional Data Center and Cloud CTO, Cisco Systems, Inc.
As someone whose world is dominated by cloud, data center, privacy, and compliance, it was exciting to meet a long-term expert with the same-shared interests. Bernie Trudel has been with Cisco for 17 years, and in addition to his role as Regional CTO, he is Chairman of the Asian Cloud Computing Association, an industry organization dedicated to making cloud computing a reality across Asia Pacific (APAC) by addressing the needs for common platforms. He shared his ideas with me on key regional trends, security to accelerate cloud adoption, and the future of the data center.
What are the key regional trends?
Increasingly APAC countries are adopting a national broadband policy driven by a combination of the adoption of cloud and the ubiquity of personal computing. There is a strong focus on data sovereignty and privacy in response to emerging data privacy legislative measures in Singapore, Malaysia and the Philippines and also greater awareness around consumer’s rights to protect private data. International connectivity is also emerging as an issue as smaller countries rely on networks that cross geographic borders.
Many of these trends are measured in the Cloud Readiness Index, which uses 10 parameters that focus on risk, power, sustainability, and other metrics to assess readiness across the region.
Read More »
Tags: Asia, asian cloud computing association, cloud, Cloud Security Alliance, data center, privacy, virtualization
Is your network ready to help you transform and be the strategic partner that you can be? Let’s face it… Today’s data centers are challenged with siloed resources and facilities… Limited scalability… Poor resource utilization… Growing complexity…Perhaps the biggest challenge is time. When 80% of your resources are dedicated to “keeping the lights on” and managing all what you have, there is very little time left for innovation that benefits the business.
And the reality is that the role of IT has to change – from a cost center to a business strategic partner! Why? Because there are increasing demands on IT to help your business differentiate in order to survive and grow in these rough economic conditions. And let’s not forget that the increasing cost pressures, technology changes, and the advent of game-changers like cloud are forcing IT executives to look at how to deliver IT differently.
These growing demands put even more pressure on the shoulders of IT especially given the current state of your Data Centers. The data center network sits at the core of IT and is key to how IT can deliver services and provide value back to the business.
So what do you do? The good news is that …
Read More »
Tags: ASA, Cisco, cloud, Cloud Computing, Consolidation, convergence, data center, DCNM, Fabric Path, FCoE, fex, Fibre Channel, it-as-a-service, LISP, MDS, nexus, Nexus 1000v, Nexus1010, NX-OS, OTV, switch, Unified Fabric, virtualization
Cloud-based computing is being viewed by schools, colleges and universities as an increasingly attractive option for delivering education services more securely, reliably, and economically.
Cisco cloud customer, Electronic Testing Services (ETS), took part in a joint webcast to discuss the economic advantages of cloud computing. If you weren’t aware, ETS hosts the advanced placement exam for students. Their previous infrastructure saw low utilization rates due to once-per-year exams. By using Cisco cloud computing, ETS now sees revenues more closely matching expenses.
Read More »
Tags: Cloud Computing, data center, education, standardized testing, Testing
On November 5th I posted part 2 of the Algo Boost series with a fantastic discussion around Customer proof points on the Nexus 3548. In our third and final segment in the series I interviewed Chih-Tsung Huang, Director of Engineering in the Server, Switching, & Virtualization Product Group to shed some light on Cisco’s continued commitment to innovate with Algo Boost technology.
GD: What is the primary difference between existing Nexus 3000 switches and the new Nexus 3548? And how do we differentiate from the competition?
CH: As we all know, the current generation Nexus 3000 uses merchant silicon while the new Nexus 3548 uses a full layer 2 bridging and layer 3 routing Cisco ASIC – designed and built from ground up to optimize switch latency. Prior to the Nexus 3548 announcement, industry best was greater than 500 nanoseconds.
One of the stated elements of our corporate culture is “No Technology Religion”. The underlying concept is that we have the freedom to choose the solution that allows us to best meet our customer’s needs and not get locked into ideological silos.
Cisco continues to invest and drive innovations and standardization efforts with the development of our own ASICs because this allows us to deliver a complete value add solution to our customers. However, we do take advantage of merchant silicon in specific use cases where features and innovation are not needed.
GD: Does the introduction of Algo Boost indicate a complete shift away from merchant silicon?
CH: Absolutely not. Cisco has and will continue to adopt a flexible silicon strategy, meaning we will buy off-the-shelf ASICs when they can immediately fill a market need, and we continue to add value through silicon innovation by designing our own ASICs. The Nexus 3548 is an example of a highly integrated Software, Hardware and ASIC solution that cannot be achieved with off the shelf components.
GD: It sounds like we are very much committed to developing our own ASICs. How many ASICS are used in Cisco Solutions today, and how much do we invest in R&D?
CH: Cisco has developed hundreds of ASICs to perform various forwarding functions in switches and routers. Cisco has developed over 20 ASICs to power the Nexus portfolio alone. We have an annual R&D budget of $5.8 billion which is greater than Juniper’s entire revenues and roughly equal to the R&D budgets of HP and Huawei combined.
GD: Algo Boost clearly addresses needs in the financial sector. Are there any other segments that will benefit from these groundbreaking features?
CH: Since mid-2011, the Nexus 3000 family has had a significant presence in massively scalable data centers. We believe these environments will see further benefits with the performance visibility tools we’re building into our portfolio, as well as the programmability and automation features in the Cisco ONE offering.
We also believe that there is an important role for custom silicon in the software-defined networking world. We feel that customers will continue to be willing to pay for advanced hardware innovation because of the value they derive from tightly integrating advanced software and hardware engineering. Customers derive the greatest value from emerging software approaches, such as SDN, when they effectively leverage the underlying infrastructure which Cisco silicon innovation enables them to do.
Additionally, the 190 nanosecond ultra low latency of the Nexus 3548 switch enables applications to innovate not only to High Performance Trading Fabrics but also into Massively Scalable Data Center, Software Defined Network, and beyond.
I’d like to thank Chih-Tsung for this valuable information. To see an actual Algo Boost powered ASIC, view the TechWiseTV segment below..
Tags: Algo Boost, Algorithm Boost, Cisco, data center, high performance computing, high performance trading, High Performance Trading Fabric, High-Frequency Trading, HPC, latency, Nexus 3000, Nexus 3500, Nexus 3548, Nexus 3K, ultra-low latency, Unified Fabric