Cisco Blogs


Cisco Blog > Security

Cisco Live USA 2013: Recap from a Network Security Engineer

Having just returned home to New Jersey from Cisco Live US in Orlando, Florida, I thought I’d share my experiences as a Network Security Engineer both attending and presenting at this year’s conference.

There were approximately 20,000 attendees at this year’s conference, which I believe set a new Cisco Live attendance record! Considering the huge size of the conference, which rivals game day attendance at some small market Major League Baseball teams, I was amazed at the efficiency and organization of the conference—from the session logistics to the World of Solutions “happy hours” and the Customer Appreciation Event held at Universal Studios!

While listening to the various keynote speeches, most notably those from John ChambersPadmasree WarriorRob Lloyd, and Edzard Overbeek, it’s clear that Security, is “Top of Mind” for the Cisco Leadership Team.

Out of the roughly 625 sessions, there were approximately 100 sessions and labs focused on security, including a few below, which were presented by some of my fantastic and extremely bright peers within the Security organization. Sessions and labs included relevant topics such as network threat defenseIPv6threat mitigation, and intrusion prevent and signature development.http://csio.cisco.com/blog/wp-includes/js/tinymce/plugins/wordpress/img/trans.gif Read More »

Tags: , , , , , , ,

Nine HIPAA Network Considerations

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) Omnibus Final Rule, released January 2013, introduced some significant changes and updates. At the same time, over 100 HIPAA audits concluded in 2012. The Office of Civil Rights (OCR) released initial analysis of these audits in May 2013. The HIPAA Omnibus Final Rule and 2012 HIPAA audit results may influence how you run your network in the future. Here are nine network considerations that could impact your network and IT processes.

  1. HIPAA Audits will continue
  2. The HIPAA Audit Protocol and NIST 800-66 are your best preparation
  3. Knowledge is a powerful weapon―know where your PHI is
  4. Risk Assessment drives your baseline
  5. Risk Management is continuous
  6. Security best practices are essential
  7. Ignorance is not bliss
  8. Your business associate(s) must be tracked
  9. Breach discovery times: know your discovery tolerance

Each of these considerations will be explored in a nine-part blog series, posted on the healthcare blogs site.

Tags: , ,

Citrix and NetScaler 1000V Taking Cisco Cloud Network Services to the Next Level

 

CiscoCitrixWith Cisco Live! in Orlando on the horizon, we are kicking off the news cycles and technology innovation a little early.  Today we’re teaming with our friends at Citrix to announce the expansion of our virtual networking portfolio and provide clarity around our strategy for application delivery controller solutions.

There are two key elements of this strategy:

First, Cisco will begin reselling and supporting a customized version of the popular Citrix NetScaler virtual application delivery controller (ADC) as part of our Cloud Network Services portfolio. Branded Citrix NetScaler 1000V, the Cisco version of the product will be fully supported by the Cisco Technical Assistance Center.  We will begin selling the NetScaler 1000V when available in Q3 CY 2013.

Secondly, Cisco and Citrix have worked on joint development to tightly couple the NetScaler ADC into Cisco’s virtual networking framework.  This joint development includes integration of NetScaler 1000V with the Cisco Nexus 1100 Cloud Services Platform, and the Nexus 1000V services integration technology, vPath.

Cisco’s Cloud Network Services strategy bridges IT to application architects, and with this Citrix NetScaler 1000V announcement, we integrate virtual applications to Cisco Unified Fabric, delivering scalable, reliable application services to users.

Why is NetScaler 1000V the right solution now?

Advances in cloud computing, data center consolidation, mobility and big data are imposing new demands on the network, along with a drive for greater network simplification and automation.

As virtual networking and programmable overlay networks evolve to meet these challenges, an equal evolution needs to take place in Layer 4-7 application networking services and security to support widespread virtualization, application mobility, cloud architectures and network orchestration.

Cisco’s solution to this challenge is Cloud Network Services, a portfolio of integrated, application-aware network services and security offerings designed for virtual and cloud environments. The Cloud Network Services framework eliminates the obstacles of physical service appliances to accommodate the requirements of virtual applications and cloud deployments, such as:

  • Limited scalability of physical services in fixed locations
  • Inconsistent application performance based on workload location relative to services
  • Difficulty in inserting security and network services into virtual networks
  • Lack of control over services and policies for applications deployed at cloud service providers

NetScaler1000V

The NetScaler 1000V virtual ADC

NetScaler 1000V fills an important void in Cisco’s virtual product architecture for an application delivery controller solution to give applications critical performance enhancements, offload application servers, and to help guarantee quality of service and improve end user experience. These requirements are growing exponentially with the increases in bring-your-own-device (BYOD), client mobility, and cloud migration.

Virtual services can be more flexibly deployed to cloud service providers without modification, while relying on the same infrastructure and policies that they might have with corresponding physical appliances in their on-premises data centers. With NetScaler 1000V, customers can have consistency across their physical, virtual and cloud infrastructures, along with the Citrix NetScaler physical appliances.

The Cisco Cloud Services Platform

With the evolution to Cloud Network Services as the Layer 4-7 framework for virtual and cloud networks, organizations are increasingly looking for a flexible platform to deploy these virtual service nodes rather than use existing application servers. Cisco has created the Nexus 1100 Cloud Services Platform to address this need.

The Nexus 1100 Cloud Services Platform is a series of UCS-based appliances dedicated to running Cloud Network Service nodes. In addition to the virtual services listed above, the Nexus 1100 runs the management platforms for the virtual network, the Virtual Security Module (VSM), and the Data Center Network Manager (DCNM) application. The Cloud Services Platform can be dynamically configured to allocate its virtual CPUs to each service as needed based on current application and performance requirements. Current models of the Nexus 1100 series include the Nexus 1110-S and 1110-X.

vPath: The Secret Sauce to Enabling Services in Virtual and Cloud Networks

vPath is a component of the Cisco Nexus 1000V virtual switch which directs traffic to appropriate virtual service nodes, such as firewalls or ADCs, in the right order for each application, independent of the topology of the network or the location of the network services. This allows for greater application mobility and more reliable service delivery. NetScaler 1000V will be integrated into the Cloud Network Services framework via vPath and will be a key differentiator against other ADC products.

As part of the Cisco-Citrix collaboration in next generation data center and cloud architectures, the Citrix NetScaler MPX line of high performing application delivery controllers will also attach to the Cisco Nexus 7000 Series switches.  This capability will provide customers the benefits of higher resiliency, plug and play installation, improved agility, and increased leverage of both their switching and ADC investments.

All of the Cisco Cloud Network Services, including the Citrix NetScaler 1000V, will be on display next week at Cisco Live! Along with other announcements we have planned for data center and cloud networking, it promises to be a great event and we hope to see you there.

For more information, check also the press release here 

Tags: , , , , , , , , ,

Three Data Center Security Innovations to Accelerate Your Business

How can you get your data center off to a smooth start? At the Gartner Security & Risk Management Summit this week, I presented three data center innovations that hold the key to accelerating business securely.

Ease of provisioning

According to a recent Cisco IT case study, data center provisioning times have decreased from eight weeks to 15 minutes. Security must do the same to realize the full benefits of data center automation.

Often, businesses have trouble implementing this vision because of their existing IT. The people and their skill base, the processes they use and even the technology they have implemented, are very silo-based. It is not designed to integrate into an automated, on-demand model.

There are many challenges imposed by siloed technologies when you attempt to converge or virtualize these environments. A common issue is when storage and server platforms were not designed to work together.  This necessitates expensive service engagements to build.  Additionally, in order to hide the associated complexity, expensive management software has to be deployed to “simplify” infrastructure deployments. This approach just doesn’t work. The result is increasing complexity that makes the architecture brittle and costly.

At Cisco, we believe it is important to look for a solution that doesn’t look at technologies, processes, and people in isolation. You can enable a powerful IT by taking a unified approach and working with technologies that are designed to work together. Your IT can be a service foundation that redefines data center economics and delivers performance, reliability, and business innovation. Unification is the element that will deliver that.

 Maximized Network Performance and Resilience

On a unified network, IT can ensure the highest levels of network performance and business continuity through:

• 8x performance density over competitive firewalls and up to 1.9 million new connections per second and 80 million maximum connections per second enables Cisco firewalls to meet the most stringent performance requirements

• Eliminating compromise, retrofits and disruption to network design via Virtual Portal Channel and FabricPath integration for increased efficiency

Pervasive Protection

The third innovation that can streamline your data center and accelerate your business is actionable security intelligence. A secure network can differentiate by users and their multiple devices, differentiate applications, know behaviors and ultimately confirm IT policy is aligned with business. Building trusted chains that extend from the user to the application and are uniquely aligned to business context, can ensure efficiency and security.

Learn how Cisco can help you to leverage these innovations to accelerate your business securely.

 

Follow me on Twitter  @e_desouza and discover my other presentation at Gartner in  my previous blog  Everything’s in the cloud : Now What?

 

Tags: , , , , , , , , , , , , , , ,

Everything’s in the Cloud: Now What?

Today’s applications are either virtualized in our own data center or being hosted by any number of providers. But is our security built around our current security reality or is it living in the past? During one of my Gartner Security & Risk Management Summit presentations, I shared best practices in a rapidly changing environment, where cloud vendor hype isn’t matching our security reality. Now that everything is in the cloud, we need a strategic approach to cloud security.

 

Here’s how to make it happen:

Ensure safe data handling when working with cloud provider. Considering cloud providers are an extension of your business, it is vital to ensure how your provider handles security for storing and transmitting your data. What provisions are in place to make sure data is secure once it has been transmitted? Determine if your provider has firewalls, data encryption, and user authentication to keep your data safe.

Combat growing threats. As cloud-based technologies grow more sophisticated over time, so do the possibilities of threats. A proactive approach to security means that we enable technology like cloud-based threat intelligence to detect a threat as they happen – or in some cases before they happen. Other anti-threat measures such as deep packet inspection and proactive monitoring can also help combat viruses, spam and other intrusions. Learn more. You don’t have to be a security expert to take security seriously. Leverage industry bodies, like the Cloud Security Alliance, for guidance on benchmarking service provider security capabilities. Learn what certifications and security practices your cloud provider has, including daily risk audits. And look for ways to increase security processes when you work with cloud providers. See how Cisco can help you protect your business assets and meet compliance requirements.

Learn more. You don’t have to be a security expert to take security seriously. Leverage industry bodies, like the Cloud Security Alliance, for guidance on benchmarking service provider security capabilities. Learn what certifications and security practices your cloud provider has, including daily risk audits. And look for ways to increase security processes when you work with cloud providers. See how Cisco can help you protect your business assets and meet compliance requirements.

To know more follow me on Twitter  @e_desouza  and check my blog and Gartner presentation  on Three Data Center Security Innovations to Accelerate Your Business

Tags: , , , , , , , , , , ,