Earlier this week, we announced the Cisco Domain Ten framework 2.0, enhanced by great input from customers, partners, and Cisco’s well-earned experience of strategizing and executing IT transformation.
The enhanced Cisco Domain Ten framework helps customers drive better strategic decisions, providing greater focus on business outcomes, providing deeper analysis of hybrid cloud implications, and extending the framework beyond data center and cloud to include all IT transformation initiatives.
You may have read Stephen Speirs earlier blogs about Cisco Domain Ten for cloud transformation. Today, let’s look at key changes in the Cisco Domain Ten framework 2.0 from the original version. These changes have been adopted to enhance discussions on three themes:
- Highlight importance of public clouds as part of IT transformation and solutions using IaaS, PaaS, and SaaS within the data center and across the entire business.
- Addition of “Organization” in Domain 10 to bring together the business and technology focus for strategy discussions.
- Name changes for some domains to facilitate ease of alignment and discussion on overall IT transformation across multiple architectures and technology solutions such as ITaaS, collaboration, mobility, video, etc. for both enterprise and provider perspectives.
Read More »
Tags: application, automation, catalog, cloud application, Cloud Computing, compliance, customer interface, data center, Domain 10, Domain Ten, financial, Governance, infrastructure, IT Tranformation, organization, platform, process, security, strategy, virtualization
What do IT and K12 Common Core Standards have in common? Forty-five states, the District of Columbia, four territories, and the Department of Defense Education Activity have adopted the Common Core State Standards. 100% of each of these states’ schools must update their network infrastructure to support the mandated online testing capabilities. Enter district IT.
Technology is a key component when it comes to achieving the objectives of these standards. The objective is to augment the learning experience through the use of wired and wireless devices and enhance skills such as communication, collaboration, research, critical thinking and tackling problems. The mandate is computer based assessments. This promotes more personalized leaning. The students are also acclimated to use technology effectively for productive life activities in the future.
The combination of common core standards adoption with BYOD or 1:1 initiatives, results in an exponential growth in addressing endpoints, bandwidth, and security. Schools are looking to upgrade their existing networks to be able to handle the current and future requirements of these standards.
Read More »
Tags: bandwidth, byod, common core, computer based assessment, computer-based, district IT, educate, education, endpoints, high density, IT, K-12, K12, learn, mandated online testing, mobile, mobility, network, online testing, school, security, standards, state standards, technology, wi-fi, wifi, wired, wireless, wlan
The security threat landscape is evolving. . . . Are you prepared? To help understand the magnitude of today’s security threats, let’s peek into a day at Cisco through the eyes of our Information Security team. Read More »
Tags: Cisco IT, coc-borderless-networks, security, security intelligence operations, sio
Why do so many organizations maintain essentially open, “flat” networks, leaving thousands of users and devices with network-layer reach to their “crown jewels”? Especially in light of what we know with data breaches, theft, and loss? One possibility may be that some organizations simply grew too quickly, and the tools in the tool chest to implement network segmentation were onerous. Other tools or point products were deployed, making it easy to say “we have Identity and Access Management Systems” for that.
But this argument falls flat in the face of a massively-increased attack surface. How did organizations become so vulnerable? Easy – the combination of enterprise mobility trends, the exponential proliferation of devices, and the dramatic increase in workloads made possible by virtualized data centers. Combine that with advanced threats – the notion that with just one social engineering attack, an adversary can quickly move across systems until he finds valuable information – and organizations quickly start to realize that network segmentation and restricting network reach are more than just “nice-to-have,” but rather, an imperative.
Limiting who and what have network-layer reach to sensitive resources to those that truly have a need to know makes a lot of sense. The trouble has been that traditional methods of implementing network segmentation and network access control are generally cumbersome and entirely dependent on how the network is architected. Need to change or maintain the policy? You may be in for major network changes and massive resource hours – whether to redesign VLANs and IP-based ACLs, or simply to rewrite thousands upon thousands of firewall rules (in many of locations). Ouch.
Fortunately, there’s a readily available technology to apply secure access policy independent of network topology. If you can (1) classify the users and devices that access resources, (2) classify the resources themselves, and (3) specify the access permissions between these classifications, then Cisco TrustSec can enforce that policy within the network – it’s that simple.
Take a look at the example above. Here, we show a simple policy that specifies how different classes of users can access various resources in the data center. Changing this policy by changing a permission or adding a new class of users or resources is really straightforward and easy-to-understand. There’s no need to redesign VLANs, carve up the IP address space and (re) subnet the network, and/or re-write IP-based ACLs or firewall rules.
To learn how TrustSec can help protect your organization’s crown jewels by limiting the reach of who and what has access to sensitive resources, check out www.cisco.com/go/trustsec.
Follow @CiscoSecurity on Twitter for more security news and announcements, and, if you’re in Milan, Italy, during the last week of January, come visit us at Cisco Live! Milan! We’d love to see you!
Tags: security, TrustSec
Last week, following the release of the 2014 Cisco Annual Security Report, my colleague Levi Gundert and I took questions from you, our partners and customers, about the report and its most interesting findings.
This year’s report highlighted a number of new trends and found unprecedented growth of threat alerts, which reached the highest level we’ve seen in more than a decade of monitoring.
Although the report paints a grim picture of the current state of cybersecurity, we are optimistic that there is hope for restoring trust in people, institutions, and technologies. This must start with empowering defenders with real-world knowledge about expanding attack surfaces. To truly protect against all of these possible attacks, defenders must understand the attackers, their motivations and their methods – before, during, and after an attack.
Here is a link to view the recording of the broadcast. If you have any questions that didn’t get answered, please leave them in the comments, and Levi or I will get back to you.
Tags: 2014 annual security report, asr, cisco annual security report, CSO, cybersecurity, John Stewart, Levi Gundert, Live Social Broadcast, security, skills gap