Cisco Blogs


Cisco Blog > Security

Even Security Administrators Deserve a Break – Part 2 of 2

June 23, 2011 at 8:27 am PST

In my last post on this topic, I highlighted just how true the words “Work is no longer a place you go, but what you do” really are. We now have the ability to work anytime, anywhere, using any device. As easy as this has made the lives of workers all over the world, it’s made the lives of security administrators immensely difficult. Providing secure access to the corporate network in a borderless world, while still somehow keeping out the bad stuff, has caused traditional security policies to become increasingly difficult to configure, manage, and troubleshoot – the source of inordinate amounts of pain for security administrators.

That’s why Cisco has introduced identity-based firewall security as a new capability of the ASA platform. As the first installation of what will soon become full context-aware security, identity-based firewall security enables security administrators to utilize the plain language names of users and groups in policy definitions. Rather than authoring and managing the growing list of IP addresses to cover every possible location, device, or protocol that may be required for secure access to the network, identity-based firewall security enables security administrators to grant access to “Jeff.” Regardless of where I am or what I’m using for access, I’m still Jeff… so in the simplest case, my administrator can literally write one policy to provide “Jeff” access to the corporate network, rather than six different IP addresses for all the instantiations of Jeff.

Read More »

Tags: , , , ,

Cisco Partner Invite Reminder: Warehouse Management with Intermec

June 22, 2011 at 5:28 pm PST

As part of the Manufacturing Impact Series, here’s a reminder not to miss the Cisco and Intermec Mobile Warehouse Management Webinar set for Thursday 23rd June, 2011. It’s essential viewing and listening if you’re a Cisco resale or systems integration partner, or a partner looking to build a Manufacturing Practice and provide solutions to Manufacturing Industry Customer Care-abouts.

To be competitive, warehouse managers must deliver a high level of performance while reducing costs. Learn how the Cisco and Intermec Mobile Warehouse Management Solution delivers the benefits of mobility to industrial environments, helping warehouse managers to stay connected with their mobile workforce, increasing asset visibility across warehouse operations, providing access to information at the point of work, and delivering intelligence to mobile workers. This is a solution webcast in the “Manufacturing Impact” partner enablement series.
.
There will be speakers from Intermec: Dan Albaum, Senior Director Marketing and Bruce Stubbs, Director Industry Marketing. Jeff Rodawald, Partner Relationship Executive will be the speaker from Cisco with me, Peter Granger, as a panelist. Should be a great event with lots of folks already registered. If you’d like to register click the link: 

Click here to register for the Cisco and Intermec Mobile Warehouse Management Webinar

Date: Thursday 23rd June, 2011; Time: 11.00 am — 12.00 pm Eastern Time; (8:00 am Pacific) Place: Online.  Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Criticism Abounds, but Cloud Computing Is Here to Stay

This blog was originally published on: http://blogs.forbes.com/tomgillis/2011/05/24/criticism-abounds-but-cloud-computing-is-here-to-stay/

Wow! Lots of outrage over the colossal cloud computing outage at Amazon! With big sites such as Reddit, Foursquare, and Heroku taken down by the issues with Amazon Web Services (AWS), there’s brouhaha brewing about a black eye on Amazon—and the entire cloud computing industry.

“The biggest impact from the outage may be to the cloud itself,” said Rob Enderle, an analyst with the Enderle Group, in ComputerWorld. “What will take a hit is the image of this technology as being one you can depend on, and that image was critically damaged today…If the outage continues for long, it could set back growth of this service by years and permanently kill efforts by many to use this service in the future.”

So the cloud might be a little beat up, but is cloud computing dead? Not even close.

Cloud computing is here to stay, not only because the model is more efficient and more cost effective than the traditional IT infrastructure, but because it promotes the promise of specialization—a value that gives companies an edge and consumers a better product.

What’s AT&T Got to Do With It?

Remember the days when AT&T was the only phone company around, and their phone was the only one you could buy? First it was rotary, and then it was push-button. AT&T made every single part of the phone. It made the screws that held the phone together. The whole machine was incredibly durable, but it was also heavy, clunky, and incredibly inefficient—not to mention expensive.

It didn’t stay that way, however. Boom! Deregulation hit the industry and the price of a phone went from a hundred dollars to a hundred pennies. Everything changed, and today we see the result: throwaway phones. Now phones are ubiquitous, they’re incredibly inexpensive, and they can do more than ever before.

IT infrastructure is moving down the same path. Until now, every company has built its own expertise into its proprietary IT systems. Every company has been (metaphorically speaking) fabricating its own screws, making its own hammers, and toiling over its own infrastructure. There’s been massive duplication of efforts, and the approach is filled with gross inefficiencies.

Now that’s all changing with cloud computing. It has gained rapid adoption exactly because it recognizes the inefficiencies and complications of traditional IT infrastructure, which is built on large, complex systems that require specialized skill sets to implement and deploy. The most interesting form of cloud computing is Infrastructure as a Service, or IaaS. Instead of tilting up the servers and fabricating the screws yourself, you look to a specialist—a large service provider with a deeper level of expertise, greater economies of scale, and the ability to provide the infrastructure on which you can run your apps. Another upshot: by removing a massive noncore task from the organizational to-do list, a new wave of efficiencies and innovation can be unleashed. (Pretty soon, traditional security will look no different from that rotary phone I saw on eBay for $9.99: a charmingly clunky reminder of a long-gone era.)

Build a Plan, Don’t Pray for Perfection

Cloud computing—or anything in computing—is not perfect. Data centers, whether they are public or private, go down. Outages happen in-house as well as to the industry’s leading cloud-hosting providers.

What Amazon’s outage truly demonstrates is just how hard this job is. It’s not an argument against AWS or the cloud industry; it’s a reminder that we need to have specialists handle this complex technology. Specialists can, and will, run into problems, but their ability to respond will be better than the ability of a soap company or a car maker or a media empire to respond. As the Heroku team, one of the sites crippled by the outage, put it: “Amazon employs some of the best infrastructure engineers in the world: if they can’t make it work, then probably no one can.”

What we must all recognize is that we need solutions to better insulate companies against inevitable outages. The question we should be asking is not how can we trust the cloud, but rather how can we make enterprise applications more robust? What should the failover plan look like? (Because things fail.)

The answer is portability. We must have the ability to move apps from one infrastructure to another so that if one bursts, the whole world doesn’t come to a screeching halt. That’s Internet 101. Instead of just one web server, have two web servers in different locations and roll the load between them. Contingency plans that included having two data centers from two different providers and different availability zones kept sites such as the business audience marketing platform company Bizo running during the Amazon outage. By similarly designing systems that took potential failures into account, Netflix was largely unaffected.

The current tools available for virtual data center don’t provide good portability and rollover ability from private to public data centers. Technology vendors need to address how to move a data center workload from one cloud computing provider to another, so they can provide the resiliency and efficiency needed to deal with the occasional bad hair day. With that investment we’ll all come out looking a lot better.

Tags: , ,

Considering the Legal Ramifications of Video Surveillance

Before installing IP cameras at your small business, make sure you understand the potential “gotchas”.

Small businesses install surveillance cameras for many reasons. They keep your business and assets safe, improve productivity, and can provide a strategic advantage. Today’s IP cameras and monitoring software make it easy for any small business to manage its own surveillance. But before you aim any cameras at your front door or shop floor, make sure you carefully consider all of the legal ramifications of setting up video surveillance. There are more legal ”gotchas“ than just what you can and cannot record.

Read More »

Tags: , , , ,

Bringing the Cellular Roaming Experience to Wi-Fi

Today marked an exciting milestone in the continuing convergence of Wireless LAN (Wi-Fi) and cellular technologies as the Wireless Broadband Association (WBA) and the Wi-Fi Alliance (WFA) co-announced  that the industry’s first HotSpot 2.0 (HS 2.0) trials are scheduled for later this summer and the HS2.0 certification test beds will be available in mid 2012.  HS 2.0  is an industry initiative to develop standards-based interoperable Wi-Fi authentication and handoff.  In a nutshell, this enables a seamless handoff between cellular and Wi-Fi networks that allows mobile handset users to roam between the two networks without the need for additional authentication — much as you experience roaming between cellular networks while using your cell phone.

Industry organizations and standards bodies working on the HS 2.0 initiative include the WFA, focused on interoperability; the WBA, the industry group organizing the field trials; and the Global System for Mobile Communications Alliance (GSMA) that ensures the HotSpot 2.0 spec is aligned with the 3GPP framework.

Cisco is a strong supporter of the HS 2.0 initiative and is participating in the upcoming trials with its SP Wi-Fi Carrier Solution.  I will continue to provide updates as we move forward with this timely and critical initiative. In the meantime, take a look at this white paper, “The Future of Hotspots: Making Wi-Fi as Secure and Easy to Use as Cellular,”  which explains the technology behind HotSpot 2.0. 

Sarita Kincaid
skincaid@cisco.com
Twitter: @saritakAR

Tags: , , , , , , , , , , ,