Having an enterprise-wide mobility strategy provides a competitive advantage as a recent IT survey from Cisco concluded. Working with many customers over the last couple of years we have come to recognize that mobility is a multi-stage journey that every organization is taking at its own pace. While some of you might think of this journey as just getting your employees’ devices onto your network, there is significantly more to the journey – device-focused leads to application-focused, which then leads to experiences-focused.
Being a dad to my 5-month old son, I can relate our customers’ mobility journey to the 3 stages a child goes through in his first year as they learn to be mobile – roll, crawl, and walk!
Babies start off without the ability to move from one spot to the next– think of this as your enterprise 10 years ago before the popularization of smartphones. Then babies learn to roll. Suddenly, the world opens up to them. This is the first stage of the mobility journey – similar to a device focused BYOD strategy. The focus here is to provide a secure onboarding experience for your users while having the right policies in place to enable context-aware secure access control. The Cisco Unified Access solution – with ISE for policy, Prime Infrastructure for management, and converged wired and wireless network – provides the foundation for enable this BYOD solution. However, would you really want to stop at the rolling stage of development?
The next step for kids is learning to crawl. This is often the most exciting stage as kids can now move with intent. Crawling provides true mobility to the kid as he can explore the fascinating world around him and get access to all his toys. This is the application-focused strategy in your mobility journey. Now that you have enabled secure access for your workforce, you can decide on the right set of applications to enable your workforce to be productive – on the go. This is where Cisco has been working with our ecosystem partners to provide a complete mobile workspace solution.
One of these ecosystem partners is Citrix and in this blog, I’d like to highlight a first-of-its-kind solution for employee mobility, that Cisco & Citrix have developed in close collaboration.
This new Cisco Mobile Workspace Solution with Citrix, built on the Citrix Workspace Suite, provides the complete hardware and software technology stack for delivering all the applications, content, and tools workers need on any device. This new Workspace Solution is excellent for companies moving into the second stage of their mobility journey – where their focus is on providing all the applications, content and services their employees need on their devices.
This solution can help your employees, partners, and consultants work and collaborate on their mobile and desk devices, from pretty much anywhere. Read More »
Tags: byod, citrix, ISE, mobile workspace
When sizing clusters for devices in our Identity Services Engine (ISE) deployment, Cisco IT uses a “3+1” formula: For every person we assume three devices (laptop, smartphone, and a tablet) plus one device in the background (security camera, printer, network access device, etc.). In a company the size of Cisco, with roughly 80,000 employees, the math is simple: Read More »
Tags: capacity management, Cisco IT, coc-security, Identity Services Engine, IoE, ISE, security
Cisco IT is deploying Identity Services Engine (ISE) globally. ISE is a security policy management and control platform that automates and simplifies access control and security compliance for wired, wireless, and VPN connectivity. We’re running ISE 1.2 Patch 3 globally and evaluating Patch 5 for its guest networking enhancements. Over the next few months, I’d like to share some of our best practices and lessons learned as we continue our ISE deployment. Much of the background and deployment work before my blog can be found in this published article. Read More »
Tags: access control, Cisco IT, coc-security, Identity Services Engine, ISE, it security, security, security policy management
One of my passions is around PCI compliance. I know that sounds oxymoronic. How can someone actually be passionate about something as dry as compliance? Well, for the sake of argument, I prefer delusional rationalization. I think of myself as Batman! I don’t have his intelligence, money, car, or cape (well, I do have the cape, but that is another story), but I DO want to fight injustice where I can. I do think that there are bad guys out there trying to steal my family’s hard earned money. PCI compliance is the leading method for securing the world’s payment systems. The bad guys are real, security is getting harder, and I want to fight on the side of good.
The problem with fighting crime with compliance is that it can be so complex. The general strategy to minimize the complexity of PCI compliance is to use segmentation. Segmentation typically involves putting credit card applications and devices onto its own network, and use traditional firewalls to secure the perimeter. Although effective, this method brings about its own headaches around management. Firewall rulesets can become tedious and complex. Readdressing an entire enterprise with the sole driver of compliance is Herculean. Over time, if not properly managed and sustained, this method, can lead to bloat, misconfiguration, or worse, a breach.
Read More »
Tags: ISE, PCI Compliance, TrustSec
No need to guess now!
Cisco commissioned Forrester Consulting to examine the business value and potential return on investment (ROI) enterprises may realize by implementing Cisco Identity Services Engine (ISE)—a leading secure access solution. This is available in the recently published Forrester TEI (Total Economic Impact) Research. Four customers were interviewed for this study and covered use cases for policy-governed, unified access across the following use case scenarios: guest services; BYOD; full access across wired, wireless, and VPN; and policy networking. The calculation was based on a composite organization of 10,000 employees that reflected the four interviewed customers from higher education, utilities, and financial services markets.
Benefits were 75 percent reduction in support calls related to network issues and improved compliance reducing data exposure, breaches, and potential regulatory/remediation costs that could add up to hundreds of thousands or even millions of dollars. Most recently, the Ponemon Institute Live Threat Intelligence Impact Report 2013 indicated that US$10 million is the average amount spent in the past 12 months to resolve the impact of exploits. The benefit of secure access cannot be taken lightly.
Read More »
Tags: byod, ISE, ROI, secure access, security