Cisco Blogs


Cisco Blog > Data Center and Cloud

New CSA Survey Highlights Opportunities for Data Privacy Harmonization Across Cloud, IoT and Big Data

Responses in a recent Cisco-sponsored Cloud Security Alliance survey (hyperlink) illustrate that many data privacy challenges previously cast in the  “too hard” basket can be more readily navigated though focusing on universal principles across Cloud, IoT and Big Data.  Survey responses showed a surprisingly strong level of interest in a global consumer bill of rights and responses were overwhelming in favor of the OECD data privacy principles facilitating the trends of Cloud, IoT and Big Data.

Following are the most significant findings:

Data Residency and Sovereignty

Data residency and sovereignty challenges continue to emerge.  However, there was a common theme of respondents identifying “personal data” and Personally Identifiable Information (PII) as the data that is required to remain resident in most countries.

User Consent

73 percent of respondents indicated that there should be a call for a global consumer bill of rights and saw the United Nations as fostering that.  This is of great significance with the harmonization efforts taking place in Europe with a single EU data Privacy Directive to represent 28 European member states. As well as with the renewed calls for a U.S. Consumer Bill of Privacy Rights in the United States and cross-border privacy arrangements in Australia and Asia.

Privacy Principles

Finally we explored whether OECD privacy principles that have been very influential in the development of many data privacy regulations also facilitate popular trends in cloud, IoT and big data initiatives or cause room for tension.  The responses were very much in favor of facilitating the various trends.

The survey report includes an executive summary from Dr. Ann Cavoukian, Former Information and Privacy Commissioner of Ontario, Canada and commentary from other industry experts on the positive role that privacy can play in developing new and innovative cloud, IoT and Big Data Solutions. Read the Data Protection Heat Index survey report:

Data Protection Heat Index Survey Report – Sep 2014 from Cisco Data Center

 

Tags: , , , , , ,

Cisco Security Leadership Transition

I would like to announce that David Goeckeler is assuming leadership responsibilities for Cisco’s Security Business Group (SBG) effective immediately.  David has served as vice president of Product and Platform Engineering for the SBG for the last two years. His expertise will continue to help drive Cisco’s security momentum and ensure we are our customers’ number one security partner.

David has been with Cisco for 14 years. Most recently, he and his team have been instrumental in developing Cisco’s end-to-end security architecture, integrating market-leading products from recent acquisitions including Sourcefire into Cisco security solutions. These efforts are enabling Cisco to address customers’ needs in a way that no other vendor can match today.

David played a key role in last week’s launch of the Cisco ASA with FirePOWER Services next-generation firewall (NGFW). His efforts also directly contributed to a report issued today by NSS Labs that shows Cisco as a leader in security effectiveness in its 2014 NGFW Security Value Map (SVM).

David maintains a deep bench of security expertise including Marty Roesch, Bret Hartman, Mike Fuhrman, Scott Harrell and Marc Solomon. David has received a M.S. in Computer Science from the University of Illinois at Urbana -- Champaign, and MBAs from Columbia University and the University of California -- Berkeley.

I would also like to share with you that Christopher Young has decided to leave Cisco. We would like to thank Chris for his leadership and guiding Cisco through significant transitions. Under David’s new leadership, we look forward to continuing to provide best in class security solutions to our customers.

Tags: , , , ,

Continuing Our Legacy: Cisco Leads in Security Effectiveness

Last week we announced the availability of Cisco ASA with FirePOWER Services, which represents the industry’s first threat-focused next-generation firewall (NGFW). This offering addresses threats across the full attack continuum anytime and anywhere a threat may manifest.

Today NSS Labs released the final reports from its 2014 comparative NGFW testing, focusing on security effectiveness, total cost of ownership (TCO), performance and management. Classic FirePOWER appliances, such as the FirePOWER 8350 and the new Cisco ASA with FirePOWER Services, were included and scored equally well in testing, specifically in security efficacy.

If you have been following the Cisco security strategy then our results will not be a huge surprise to you. And, if you haven’t been following, then these results are going to be of great interest. In less than one year after the acquisition closed we have integrated leading next-generation IPS (NGIPS) and Advanced Malware Protection (AMP) into the Cisco ASA product line, and achieved this integration without compromising performance and continuing to innovate and focus on what matters: stopping threats. The below NSS Labs Security Value Map (SVM) visually depicts the results of this testing and includes Cisco ASA with FirePOWER Services and the classic FirePOWER 8350 appliance. All achieve top marks for security – the same position that FirePOWER appliances have always enjoyed.

NSS NGFW SVM Edition 3 Graphic

Since the inception of Sourcefire, the focus has always been on providing the most effective security in the market. Cisco continues this focus on improving coverage, decreasing customer exposure, providing unmatched visibility, and empowering customers to protect your networks and customize that protection to match your infrastructure, applications, and risks. We go further in creating the best management capabilities available and deliver the combination through our purpose-built solutions designed for enterprise networks. We believe the combined platforms provide the best overall flexibility, coverage, value, and reliability there is.

We are proud to have our products lead the SVM for security effectiveness and we’ll continue to commit to maintaining our leadership by providing our customers the best protection possible in as many ways as possible. If you have not seen them already you can download copies of the reports for the Cisco ASA with FirePOWER Services and the FirePOWER 8350.

Tags: , , , ,

Unlock The Value of Big Data with Cisco Unified Computing System

Big Data is not just about gathering tons of data, the digital exhaust from the internet, social media, and customer records.  The real value is in being able to analyze the data to gain a desired business outcome.  

Screen Shot 2014-09-21 at 8.18.12 PMThose of us who follow the Big Data market closely never lack for something new to talk about. There is always a story about how a business is using Big Data in a different way or about some new breakthrough that has been achieved in the expansive big data ecosystem. The good news for all of us is, we have clearly only scratched the surface of the Big Data opportunity!

With the increasing momentum of the Internet of Everything (IoE) market transition, there will be 50 billion devices connected to the Internet by 2020—just five years from now. As billions of new people, processes, and things become connected, each connection will become a source of potentially powerful data to businesses and the public sector.  Organizations who can unlock the intelligence in this data can create new sources of competitive advantage, not just from more data but from better access to better data.

What we haven’t heard about – yet—are examples of enterprises that are applying the power of this data pervasively in their organizations:  giving them a competitive edge in marketing, supply chain, manufacturing, human resources, customer support, and many more departments. The enterprise that can apply the power of Big Data throughout their organization can create multiple and simultaneous sources of ongoing innovation—each one a constantly renewable or perpetual competitive edge. Looking forward, the companies that can accomplish this will be the ones setting the pace for the competition to follow.

Cisco has been working on making this vision of pervasive use of Big Data within enterprises a reality. We’d like to share this vision with you in an upcoming blog series and executive Webcast entitled, ‘Unlock Your Competitive Edge with Cisco Big Data Solutions’, that will air on October 21st at 9:00 AM PT.

Register Now

 

 

I have the honor of kicking off the multi-part blog series today. Each blog will focus on a specific Cisco solution our customers can utilize to unlock the power of their big data – enterprise-wide-- to deliver a competitive edge to our customers.  I’m going to start the discussion by highlighting the infrastructure implications for Big Data in the internet of Everything (IoE) era and focus on Cisco Unified Computing System initially.

Enterprises who want to make strategic use of data throughout their organizations will need to take advantage of the power of all types of data. As IoE increasingly takes root, organizations will be able to access data from virtually anywhere in their value chain. No longer restricted to small sets of structured, historical data, they’ll have more comprehensive and even real-time data including video surveillance information,  social media output, and sensor data that allow them to monitor behavior, performance, and preferences. These are just a few examples, but they underscore the fact that not all data is created equally. Real-time data coming in from a sensor may only be valuable for minutes, or even seconds – so it is critical to be able to act on that intelligence as quickly as possible. From an infrastructure standpoint, that means enterprises must be able to connect the computing resource as closely as possible to the many sources and users of data. At the same time, historical data will also continue to be critical to Big Data analytics.

Cisco UCS Common Platform Architecture for Big Data from Cisco Data Center

Cisco encourages our customers to take a long-term view—and select a Big Data infrastructure that is distributed, and designed for high scalability, management automation, outstanding performance, low TCO, and the comprehensive, security approach needed for the IoE era. And that infrastructure must be open—because there is tremendous innovation going on in this industry, and enterprises will want to be able to take full advantage of it.

Cisco UCS for Big DataOne of the foundational elements of our Big Data infrastructure is the Cisco Unified Computing System (UCS).  UCS integrated infrastructure uniquely combines server, network and storage access and has recently claimed the #1, x86 blade server market share position in the Americas. It’s this same innovation that propelled us to the leading blade market share position that we are directly applying to Big Data workloads.  With its highly efficient infrastructure, UCS lets enterprises manage up to 10,000 UCS servers as if they were a single pool of resources, so they can support the largest data clusters.

UCS Mini

Because enterprises will ultimately need to be able to capture intelligence from both data at rest in the data center and data at the edge of the network, Cisco’s broad portfolio of UCS systems gives our customers the flexibility to process data where it makes the most sense. For instance, our UCS 240 rack system has been extremely popular for Hadoop-based Big Data deployments at the data center core. And Cisco’s recently introduced UCS Mini is designed to process data at the edge of the network.

Because the entire UCS portfolio utilizes the same unified architecture, enterprises can choose the right compute configuration for the workload, with the advantage of being able to use the same powerful management and orchestration tools to speed deployment, maximize availability, and significantly lower your operating expenses.  Being able to leverage UCS Manager and Service Profiles, Unified Fabric and SingleConnect Technology, our Virtual interface card technology, and industry leading performance really set Cisco apart from our competition.

So, please consider this just an introduction to the first component of Cisco’s “bigger”, big data story. To hear more, please make plans to attend our upcoming webcast entitled,  ‘Unlock Your Competitive Edge With Cisco Big Data Solutions’ on October 21st.  

Register Now

Every Tuesday and Thursday from now until October 21st, we’ll post another blog in the series to provide you with additional details of Cisco’s full line of products, solutions and services.

View additional blogs in the series:

     9/25:    Unlock Big Data with Breakthroughs in Management Automation

     9/30:    Turbocharging New Hadoop Workloads with Application Centric Infrastructure

     10/2:    Enable Automated Big Data Workloads with Cisco Tidal Enterprise Scheduler

     10/7:    To Succeed with Big Data, Enterprises Must Drop an IT-Centric Mindset: Securing IoT Networks Requires New Thinking

     10/9:    Aligning Solutions to meet our Customers’ Data Challenges

    10/14:   Analytics for an IoE World

Please let me know if you have any comments or questions, or via Twitter at @CicconeScott.

 

 

 

 

 

 

Tags: , , , , , , , , , , , , , , , , , , , ,

Part 1: Why Is Enabling Only Authorized Users So Complex?

In the past, a critical component of preventing threats was understanding and controlling network access and access to network resources based on role, while also denying access for unauthorized users and devices.

However, assuring this secure network access has been increasingly difficult due to:

  • Complexity in understanding more than just who, but how, by what, when and from where users and devices attempt to access network resources
  • Complexity in connecting authorized users to needed services with the explosion of both on premise and remote devices used by a single user
  • Complexity in evolving network architectures where networks have become more “flat” and difficult to manage from a security standpoint
  • Complexity in unifying the number of disparate security systems that need to be configured, managed and visualized

These various aspects of security complexity challenge security practitioners with delivering the right services and purchasing the right solutions to not just handle the complexity, but also reduce it. However, when we take a look at IT security spending, where does the majority of investment go and where do most vendors siphon their money to and why?

If you look across the entire attack continuum, there are three phases that people need to focus on when dealing with threats and attacks: before an attack happens, during the time it is in progress, and even after the damage is done. To properly protect against threats in all stages, organizations need to reinvestigate their security to gain visibility and control across these three phases in order to truly reduce risk.

Read More »

Tags: , ,