Last week at the RSA Conference in San Francisco, I had the pleasure of speaking to thousands of security professionals about the opportunities and risks associated with using Software Defined Networking (SDN) for security, which will be the underlying fabric of our next generation data centers and networks. SDN-enabled security will provide a better way to secure our most valuable applications, users and data, now and in the future.
Each vendor has a different definition of how the network is changing, and there are many different terms being used, such as software defined data center and software defined storage. Cisco calls this Application Centric Networking, for example, because we are introducing programmable APIs with a focus on distributed control plane intelligence so that applications can get value directly from the network.
It’s obvious why the networking industry is embracing SDN: lower operational costs and the ability to deploy applications and network services in a quicker, more scalable manner. Cloud bursting, which provides flexible compute capacity in the cloud, is another SDN benefit: it lets applications interact directly with the network in ways that do not happen today. For example, applications will be able to query the network for the location of users to manage Quality of Service and deliver highly targeted content.
So why should the security industry care about SDN? As the threat landscape evolves, the opportunity is to make security a key application for SDN. We can use SDN to build a Network-based Threat Defense System. I see three key elements to this system:
Tags: Chris Young, network security, SDN, security, software defined networking, software defined networks, threat defense
At Cisco Live London, one of my data center theater presentations will focus on the benefits of a context-aware and adaptive security strategy. This approach helps accelerate the adoption of virtualization and cloud, which traditional static security models often inhibit. Context-based approaches factor in identity, application, location, device, and time, along with additional security intelligence such as real-time global threat feeds, to make more accurate security access decisions.
Neil MacDonald, vice president, distinguished analyst, and Gartner Fellow in Gartner Research, has been advocating the benefits of a context-based approach for some years now, as outlined in his Gartner blog. Not only does he say that by 2015, 90 percent of enterprise security solutions will be context-aware; he also argues that in cloud computing environments, where IT increasingly doesn’t own key elements of the IT stack, having additional context at the point of a security decision leads to better decisions, with risk prioritization and business factors accounted for. Neil MacDonald also co-authored a report, “Emerging Technology Analysis: Cloud-based Reputation Services,” which highlights the value of cloud-based threat intelligence in enabling secure cloud adoption.
Tags: cisco live london 2013, Cisco Security, context-aware and adaptive security, data center security, network security, Secure-X, SecureX, security, security intelligence
While in Oslo last month for the Nobel Peace Prize activities, I heard two words that I haven’t been able to get out of my mind: “open government”.
They were the focus of discussion among the 15 international delegates—representing 14 countries and 3 continents—that Cisco had invited to its “Visioning Open Government” conference. The delegates and speakers delved into the value of an open society and its imperatives for social and digital network connections—including information access, integration, and network security.
Tags: cisco service, education, government it, network connections, network security, Nobel Peace Prize, open government, open society
BayThreat 2012, the third annual information security conference in the South Bay of San Francisco, will be held December 7–8 at The Firehouse Brewery in downtown Sunnyvale, Calif. This technical conference is well attended by security professionals from the top technology companies in the South Bay. Randy Ivener and Joe Karpenko, security specialists from Cisco Systems, will present “Network Threat Defense” at 10 a.m. Saturday at the conference.
Botnets, worms, and denial of service (DoS) attacks increasingly threaten the availability of every network, yet few network engineers realize the security benefits of leveraging network infrastructure to handle these attacks. “Network Threat Defense” will address how to build a more secure infrastructure and how to leverage inherent network features, such as NetFlow, to provide a full range of attack handling mechanisms. During the presentation, Ivener and Karpenko will briefly cover the following fundamental network security topics:
- State of network security
- Threat models for IP networks
- Incident response
- Secure network design
- Device hardening
- Introduction to NetFlow
Tags: BayThreat 2012, Cisco Security, network security, Network Threat Defense
In this last part of the series I will discuss the top customer priority: visibility. Cisco offers customers the ability to gain insight into what’s happening in their network and, at the same time, maintain compliance and business operations.
But before we dive into that, let’s recap part two of our series on Cisco’s Secure Data Center Strategy, which covered threat defense. In summary, Cisco understands that preventing threats, both internal and external, is not a matter of simply permitting or denying data; rather, data needs deeper inspection. Cisco offers two leading platforms that work with the ASA 5585-X Series Adaptive Security Appliance to protect the data center: the new IPS 4500 Series Sensor platform for high data rate environments and the ASA CX Context Aware Security for application control. To learn more, go to part 2 here.
As customers move from physical to virtual to cloud data centers, a challenge heard over and over is that they want to maintain their compliance, security, and policies across these varying instantiations of their data center. In other words, they want the same controls present in the physical world to be present in the virtual one – one policy, one set of security capabilities. This maintains compliance and overall security, and eases business operations.
Better visibility into users, their devices, applications and access controls not only helps maintain compliance but also addresses the threat defense requirements of the overall data center. Cisco’s visibility tools give our customers the insight they need to decide who gets access to what kinds of information, where segmentation is needed, what the boundaries in the data center are, whether those boundaries are physical or virtual, and how to do the right level of policy orchestration to maintain compliance and the overall security posture. These tools have been grouped into three key areas: management and reporting, insights, and policy orchestration.
Tags: ASA-CX, Cisco ASA, cisco firewall, Cisco Security, cisco sio, Cisco UCS, cloud, data center, data center security, DC, firewall, Identity Services Engine, intrusion prevention, IPS, ISE, it security, netflow, network security, pci-dss, policy, security, server, threat defense, TrustSec, virtual, virtualization, VMDC