Cisco Blogs


Cisco Blog > Mobility

A better understanding of BYOD without Compromise

As anyone who attended Cisco’s recent “BYOD without Compromise” Webinar noticed, the BYOD phenomenon is changing company priorities, and is bringing up a lot of questions about the solutions available to scale, secure and operate a successful  network. Replay the Webinar

Join us for our upcoming #ciscowifi TweetChat during which you’ll be able to engage in a real time BYOD discussion on Twitter with Cisco Technical Experts. What is a TweetChat?

April 17, 10-11am PST: TweetChat Topic: BYOD and Cisco ISE – use #ciscowifi.

First, I’ve put together just a few details based on the most popular questions posed during the recent webinar about Cisco’s approach to BYOD. And at the end of this post, I’ve also listed upcoming events for even more in depth technical discussions on a variety of BYOD topics.

Enhanced Identity Services Engine (ISE):

Cisco ISE is a context-aware, identity-based platform that gathers real-time information from the network, users, and devices. This enables IT to offer mobile business freedom with policy for when, where and how users may access the network..

ISE integrates with Prime Network Control System and supports BYOD with any 11n Wireless Access Point (even if you’re running your network in FlexConnect -- aka HREAP- mode)

In addition to managing on-boarding, Cisco ISE has full guest lifecycle management.  It also allows IT to deny access to devices for a variety of reasons; such as who you are, what device it is, if you are running the latest OS or anti-malware or how you are accessing  the network..

Posture -- Posture is the component of ISE platform responsible for enforcement of corporate security policies governing access to its enterprise network.  For example, for non-corp owned devices, you can decide what is the minimal requirements based on the device type/OS etc. Setting this up ahead of time will avoid security issues with non-supported devices

ISE also provides real-time endpoint scans based on policy to gain more relevant insight. These automated features result in a better user experience and more secure devices.  Cisco ISE uniquely leverages the network. It is essentially the brains for secure access and provides the policy to the network infrastructure (it is woven into the switches, routers, etc.)

New Prime Infrastructure:

Prime is a single package that provides complete infrastructure – wired and wireless, and mobility lifecycle management– configuration, monitoring, troubleshooting, remediation, and reporting.  This solution includes:  Prime Network Control System (NCS) for converged wired/wireless monitoring and troubleshooting, plus wireless lifecycle management, with new branch network management functionality; and Prime LAN Management Solution, for wired lifecycle management and Borderless Network services management.

Mobile Device Management (MDM):

To protect data on mobile devices and ensure compliance, Cisco is integrating with multiple Mobile Device Management vendors.  This gives IT greater visibility into the endpoint as well control over endpoint access based on the compliance of these devices to company policy (such as requiring pin lock or disallowing jailbroken devices), and the ability to do remote data wipes on lost or stolen mobile devices. If you don’t have a supported vendor, we will not be able to get as rich detail about the status of that device, however, you still get the full wired/wireless policy.

Current MDM third party vendors: Zenprise, Good, Airwatch, MobileIron

Device Operating Systems:

Wondering about which OS is preferred on your mobile device?

Cisco offers broad mobile device OS support in Cisco AnyConnect VPN software, including IOS, Android, and Windows Mobile.

Virtualization:

When it comes to virtualization, Cisco has created the Cisco Virtualization Experience Infrastructure (VXI), an end-to-end systems approach that delivers the next generation virtual workspace by unifying virtual desktops, voice, and video. Check out the link for more information on VXI, VXI with Citrix, VXI with VMware, Virtualization Services and validated Design Guides http://www.cisco.com/web/solutions/trends/virtualization/index.html

This is just a drop in the bucket. To get even more information on taking your organization beyond BYOD, don’t miss our upcoming technical deep dive webinars and in person events that speak directly to managing your growing network while you’re doing your best with limited resources.  You can also check out Cisco’s BYOD solution, Prime and ISE:

Upcoming Events

Tags: , , , , , ,

Anatomy of a Data Breach: Part 1

Last weekend was a typical one, nothing out of the ordinary: errands, science fairs, softball practice with the kids.  However, I found myself hesitating a number of times, thinking twice, before I handed my credit card to the cashier at the mall for to purchase a pair of shoes and again as I typed in my credit card number and security code online to purchase some items for a school fund raiser.  In the past, I hadn’t given this much thought, but with yet another data breach in the news, it seems that the breaches are continuing to occur – and as consumers, we will continue getting those ‘Dear John’ letters informing us we were one of the unlucky ones…

With news of another data breach of up to 1.5 million credit and debit cards compromised last month as well as high-profile data attacks against the International Monetary Fund, National Public Radio, Google and Sony’s PlayStation Network, data security should be top of mind to all of us.  So, how are these breaches continuing despite all of the efforts to secure customer data?  In a series of blog entries to follow, we’ll outline the anatomy of a data breach, steps you can take to reduce your risk, and how Cisco can help keep your organization from being the topic of the next breach headline.

Anatomy of a Data Breach:

It used to be that hackers were in the business of hacking for fame or infamy… mostly individuals or groups of friends were doing small-time breaches, leaving digital graffiti on well-known websites. Although these breaches demonstrated security gaps among those affected, there was little financial impact compared to today.  It should come as no surprise in a world of big data, that it is harder than ever for organizations to protect their confidential information.  Complex, heterogeneous IT environments make data protection and threat response very difficult.

Read More »

Tags: , , , , , ,

BYOD for Manufacturers: Tablets Welcome! Here’s how…

April 10, 2012 at 8:59 am PST

Have you noticed all those iPads around the factory? All around the production areas, the office areas and the warehouse? These  mobile connected devices and applications are quickly changing business and organizational models.

They are also changing employee habits and the way we work, as more and more users depend on tablets, such as the Apple iPad, for a variety of daily personal and professional tasks.

It’s not  just Apple, though they’re the most common. All those other tablets too.  Some of the others are  capable of a drop or two, or more onto hard concrete!

The most prevalent use case that IT departments need to solve for is the one where an employee brings their own personal device into the company and seeks to gain network access. This is happening a lot these days.  Funny, but companies are finding this is one of the ways they are attracting and keeping talent, especially young talent, so listen up!

Figure 1 illustrates the Cisco solution… Read More »

Tags: , , , , , , , , , , , , , , , , , ,

JetBlue Pilot Incident and Expected Response?

April 6, 2012 at 12:03 pm PST

In our weekly review call for the Cisco Cyber Risk Report for March 26-April 1, 2012 we discussed the incident of the JetBlue mid-air emergency incident. The incident has been widely reported, but a short summary is that the pilot was reportedly acting irrationally, which caused the co-pilot to lock him out of the cockpit and led to the crew and passengers having to subdue him until the aircraft could be landed and authorities removed the pilot. While the investigation of this incident continues, there have also been several of these types of incidents. A review of the incident raised several security questions with us over the incident response policies and procedures.

Read More »

Tags: , ,

Leading Global Government and Corporate Security Forward

During my 25-year career, I’ve been fortunate to work closely with some of the best and brightest, supporting government and enterprise customers around the world regardless of where I worked. These experiences have enabled me to meet with statesmen and CEOs, into open and closed-door meetings on “the Hill” and abroad, to serve as a member of the CSIS Commission on Cybersecurity, and participate on numerous think tanks, boards of directors, and advisory boards. I’ve worked and learned from leaders in private industry and global governments, the defense and intelligence communities, and I’ve always gotten after it with the goal of making a difference and producing positive results.

When Brad Boston asked for me to succeed him in leading the Cisco Global Government Solutions Group (GGSG) in addition to my role overseeing the Corporate Security Programs Organization (CSPO), I was humbled, honored, and excited. GGSG/CSPO is a great organization. Fortunately for Cisco, our customers, and me, Brad will remain nearby, focusing on our go-forward strategy for Satellite Solutions. This expanded role certainly ups the ante for me, yet it is not an altogether new one. As a member of GGSG senior staff since it was formed, and in my role leading Corporate Security during the past ten years, I’ve watched the organization grow and thrive.

In taking the helm, I will build on this team’s outstanding achievements in meeting the unique requirements of governments around the world. We’ll continue to address the challenges faced by global government agencies, defense and intelligence communities, and work to advise our public sector customers on the leading practices and technology solutions that can achieve and enhance their mission goals. In my ongoing role as Chief Security Officer, I’ll continue to oversee and work with my leadership team to drive initiatives focused on Information Security, Product Security and Government Security, with focus on crypto, advanced government services, and cybersecurity—in support of our customers.

My expanded leadership team and I recognize what a critical role we play for our global government customers. To all of you, rest assured, we will continue to strive to become your most-trustworthy vendor and a true partner—one that works hard to help enable your mission success, delivers on our commitments, and gives only our best.

Tags: , , , , , , , , ,