Cisco Blogs


Cisco Blog > Data Center and Cloud

Three Data Center Security Innovations to Accelerate Your Business

How can you get your data center off to a smooth start? At the Gartner Security & Risk Management Summit this week, I presented three data center innovations that hold the key to accelerating business securely.

Ease of provisioning

According to a recent Cisco IT case study, data center provisioning times have decreased from eight weeks to 15 minutes. Security must do the same to realize the full benefits of data center automation.

Often, businesses have trouble implementing this vision because of their existing IT. The people and their skill base, the processes they use and even the technology they have implemented, are very silo-based. It is not designed to integrate into an automated, on-demand model.

There are many challenges imposed by siloed technologies when you attempt to converge or virtualize these environments. A common issue is when storage and server platforms were not designed to work together.  This necessitates expensive service engagements to build.  Additionally, in order to hide the associated complexity, expensive management software has to be deployed to “simplify” infrastructure deployments. This approach just doesn’t work. The result is increasing complexity that makes the architecture brittle and costly.

At Cisco, we believe it is important to look for a solution that doesn’t look at technologies, processes, and people in isolation. You can enable a powerful IT by taking a unified approach and working with technologies that are designed to work together. Your IT can be a service foundation that redefines data center economics and delivers performance, reliability, and business innovation. Unification is the element that will deliver that.

 Maximized Network Performance and Resilience

On a unified network, IT can ensure the highest levels of network performance and business continuity through:

• 8x performance density over competitive firewalls and up to 1.9 million new connections per second and 80 million maximum connections per second enables Cisco firewalls to meet the most stringent performance requirements

• Eliminating compromise, retrofits and disruption to network design via Virtual Portal Channel and FabricPath integration for increased efficiency

Pervasive Protection

The third innovation that can streamline your data center and accelerate your business is actionable security intelligence. A secure network can differentiate by users and their multiple devices, differentiate applications, know behaviors and ultimately confirm IT policy is aligned with business. Building trusted chains that extend from the user to the application and are uniquely aligned to business context, can ensure efficiency and security.

Learn how Cisco can help you to leverage these innovations to accelerate your business securely.

 

Follow me on Twitter  @e_desouza and discover my other presentation at Gartner in  my previous blog  Everything’s in the cloud : Now What?

 

Tags: , , , , , , , , , , , , , , ,

Everything’s in the Cloud: Now What?

Today’s applications are either virtualized in our own data center or being hosted by any number of providers. But is our security built around our current security reality or is it living in the past? During one of my Gartner Security & Risk Management Summit presentations, I shared best practices in a rapidly changing environment, where cloud vendor hype isn’t matching our security reality. Now that everything is in the cloud, we need a strategic approach to cloud security.

 

Here’s how to make it happen:

Ensure safe data handling when working with cloud provider. Considering cloud providers are an extension of your business, it is vital to ensure how your provider handles security for storing and transmitting your data. What provisions are in place to make sure data is secure once it has been transmitted? Determine if your provider has firewalls, data encryption, and user authentication to keep your data safe.

Combat growing threats. As cloud-based technologies grow more sophisticated over time, so do the possibilities of threats. A proactive approach to security means that we enable technology like cloud-based threat intelligence to detect a threat as they happen – or in some cases before they happen. Other anti-threat measures such as deep packet inspection and proactive monitoring can also help combat viruses, spam and other intrusions. Learn more. You don’t have to be a security expert to take security seriously. Leverage industry bodies, like the Cloud Security Alliance, for guidance on benchmarking service provider security capabilities. Learn what certifications and security practices your cloud provider has, including daily risk audits. And look for ways to increase security processes when you work with cloud providers. See how Cisco can help you protect your business assets and meet compliance requirements.

Learn more. You don’t have to be a security expert to take security seriously. Leverage industry bodies, like the Cloud Security Alliance, for guidance on benchmarking service provider security capabilities. Learn what certifications and security practices your cloud provider has, including daily risk audits. And look for ways to increase security processes when you work with cloud providers. See how Cisco can help you protect your business assets and meet compliance requirements.

To know more follow me on Twitter  @e_desouza  and check my blog and Gartner presentation  on Three Data Center Security Innovations to Accelerate Your Business

Tags: , , , , , , , , , , ,

Network Threat Defense at Black Hat 2013

Join us at Black Hat 2013 in Las Vegas this July, for our two-day hands-on Network Threat Defense, Countermeasures, and Controls course. Courses will be offered on July 27-28 and July 29-30, and attendees will learn and perform two network security roles. First, as a Security Practitioner, you’ll learn to secure and harden network infrastructure devices, and second, as a Security Incident Response Investigator, you must correctly detect, classify, and mitigate threats attacking a network by configuring and deploying advanced network threat defenses and countermeasures. Learning these roles will help you prepare for and respond to real world threats such as the recent Financial ServicesSpamHaus, and OpUSA Denial of Service Attacks. Read More »

Tags: , , , , , , ,

Defense in Depth with Software Defined Networking

Last week at the RSA Conference in San Francisco, I had the pleasure of speaking to thousands of security professionals about the opportunities and risks associated with using Software Defined Networking (SDN) for security, which will be the underlying fabric of our next generation data centers and networks. SDN-enabled security will provide a better way to secure our most valuable applications, users and data, now and in the future.

Each vendor has a different definition of how the network is changing, and there are many different terms being used, such as software defined data center and software defined storage. Cisco calls this Application Centric Networking, for example, because we are introducing programmable APIs with a focus on distributed control plane intelligence so that applications can get value directly from the network.

It’s obvious why the networking industry is embracing SDN: lower operational costs and the ability to deploy applications and network services in a quicker, more scalable manner. Cloud bursting, which is about flexible compute in the cloud, is another SDN benefit that gives us the ability for applications to interact directly with the network in ways that do not happen today.  For example, applications will be able to query the network for location of users to manage Quality of Service and deliver highly targeted content.

So why should the security industry care about SDN? As the threat landscape evolves, the opportunity is to make Security a key application for SDN. We can use SDN to build a Network-based Threat Defense System. I see three key elements to this system:

Read More »

Tags: , , , , , ,

Ask the Data Center Security Expert: Context-Aware and Adaptive Strategies for an Agile Data Center

At Cisco Live London, one of my data center theater presentations will focus on the benefits of a context-aware and adaptive security strategy. This approach helps accelerate the adoption of virtualization and cloud, which traditional static security models often inhibit. Context-based approaches factor in identity, application, location, device, and time along additional security intelligence such as real-time global threat feeds for more accurate security access decisions.

Neil MacDonald, vice president, distinguished analyst, and Gartner Fellow in Gartner Research has been advocating the benefits of a context-based approach now for some years as outlined in his Gartner blog. Not only does he say that by 2015, 90 percent of enterprise security solutions will be context-aware but in cloud computing environments where IT increasingly doesn’t own key IT stack elements, having additional context at the point of security decision leads to better decisions with risk prioritization and business factors accounted for. Neil MacDonald also co-authored a report, “Emerging Technology Analysis: Cloud-based Reputation Services,” which highlights the value of cloud-based threat intelligence in enabling secure cloud adoption.

Read More »

Tags: , , , , , , , ,