Cisco Blogs


Cisco Blog > Enterprise Networks

Securing Your Network Before BYOD or IoT

If you’re a network engineer or have been following some of the recent trends in network security space, you may have come across terms such as “erosion of trust”, “zero trust ecosystem”, “the increased attack surface” and “new attack vectors”. What this means for a network engineer is that as application migrate from on-prem to cloud, and trends like mobility and IoT vastly expand the scale of assets and forms of access to be secured, traditional network security, which historically was centered around securing the perimeter of your network, is no longer sufficient.

Anatomy of Data Breach

I was recently reading the Symantec Internet Security Report. This report has been quite appropriately themed as “2013: Year of the Mega-Breach”. In particular, the Point-of-Sale type of attack, mostly prevalent in the retail segment of the market, is a great indicator of the anatomy of a typical breach. So I’ll use that as an illustrative example for the purposes of this post.

Read More »

Tags: , , , , ,

Announcing: New Catalyst 3850 SFP Fiber Switch Models Expand Cisco Unified Access

May 19, 2014 at 5:30 am PST

Catalyst 3850 FiberOver a year ago, Cisco launched its first flagship Catalyst 3850 series switches at Cisco Live London. With its integrated wireless LAN controller functionality and the innovative UADP ASIC, the Catalyst 3850 switches provide a converged wired and wireless platform that is the heart of “One Network” in the Cisco Unified Access “One Policy. One Management. One Network” approach.

Today, we are excited to announce an addition to the Cisco Catalyst 3850 series switch family: the new Catalyst 3850 1G SFP fiber switch models. They are new SKUs in the Catalyst 3850 switch family and they help further expand the Cisco Unified Access solution. I’ll explain how later, but first let me help you get familiar with this new product offering.

The new Catalyst 3850 SFP fiber switch models have nearly everything identical with their sibling access switches in the Catalyst 3850 switch family: Read More »

Tags: , , , , , ,

IWAN Wed: The Case for Direct Internet Breakout at Branch and IWAN

Simplify Branch Security with ISRCloud services and SaaS applications is enabling customers to accelerate their business processes and improve employee productivity while lowering their total IT spending. The Cisco IWAN solution is helping organizations adopt cloud applications with an improved user experience by enabling local internet breakout from the branch environment, thus helping eliminate the need to backhaul internet-bound traffic across the WAN link. This helps provide the user improved experience through lower latency for not only internet applications, but also free up bandwidth for application on the WAN link. The reduced WAN link usage also means lower IT spending those links.

However, a study commissioned by Cisco during Jan’14 from 641 customers from US and Europe on their MPLS usage and adoption of local internet breakout found that 68% of the customers responded that enabling direct internet access was an organizational focus for them.  However, 54% of the total respondents reported that lack of sufficient security at the branch environment hindered them from enabling local internet breakout at the branch. This was ranked as the #1 reason to not enable Direct Internet Access at branch sites.

Read More »

Tags: , , , , , , , , ,

Demystifying the Catalyst: The Basics of Application Visibility in the Network

What is Flexible NetFlow and why should you use it? In this blog post, let’s take a look at the basics of Application Visibility in the network for capacity planning and security.

In an enterprise, hundreds of applications are accessed by users from different locations within the campus and remotely from a branch or home. The application usage is usually not known beforehand and increases non-uniformly over time. This non-uniform app usage translates to non-uniform increases in traffic across the network which complicates capacity planning. Another complexity to capacity planning is that there can be sudden spikes in the traffic due to security issues such as internal security breaches, viruses, Denial of Service attacks, or network-propagated worms. IT administrators should not wait for these incidents to happen in order to tackle them. Instead, administrators must have the ability to see the usage pattern in advance for capacity planning and security incident detection and remediation.

Read More »

Tags: , , , , , , , , , , , , ,

High Density Demand Will Test Your Network’s Readiness for Mobility

March 29, 2012 at 1:56 pm PST

I was driving home the other day when I heard a radio report on densely populated California cities. What’s interesting was a mention of a small California city that is ranked as the nation’s fourth most dense urbanized area. I guess that a lot of people don’t know Delano, a central valley city with a population density of 5,483 people per square mile. It’s surprisingly more dense than the New York-Newark, N.J. metropolitan area which is ranked the 5th.

Many people with many devices in a densely populated area can pose a challenge to WiFi networks. I was talking to a Cisco customer in the New York City area a few days ago. He said that deploying WiFi was not as straightforward as it used to be. There are many RF interferences near his office and many new SSIDs that he never saw before.

Read More »

Tags: , , , , , ,