This year I was honored to be able to present and participate at Cisco Live Cancun, which took place last week. Many attendees from North, Central and South America and the Caribbean came to discover innovative ways that networking technologies can help them reach new markets and understand which solutions are right for their specific challenges.
Security was a hot topic this year!
Customers were able to connect with numerous experts for guidance and advice on security IT challenges that their company may be facing. Maintaining an appropriate security posture in “Bring Your Own Device” (BOYD) environments can be a challenge. This year I delivered a presentation about BYOD Security and Cisco’s TrustSec in an 8 ½ hour session titled “Bring Your Own Device – Architectures, Design and Operation” (TECRST-2020). Implementing BYOD requires a comprehensive solution that ensures the security and reliability of the network while enhancing user experience and productivity. The exponential growth of consumer devices and the need to maintain continuous connectivity to corporate and Internet resources has brought new challenges to corporate networks. Network managers struggle to provide adequate connectivity to employees while protecting corporate data. This session focused on the architecture and framework required to deploy the proper network infrastructure, security components and device management to support different endpoints, each with unique permissions into the network. A combination of lectures and live demos provided the information needed for customers to build an effective BYOD solution. The latest Cisco Validated Design guide (CVD) 2.5 for BYOD was covered highlighting different BYOD use cases, including TrustSec, converged access and the integration with Mobile Device Managers (MDM) to receive device posture information. Read More »
Tags: ACI, anyconnect, application centric infrastructure, cisco live cancun, Cisco Security, cisco sio, Security Group tags, SGT, TrustSec, vpn
In this blog, let us take a look at how Catalyst access switches enable and enforce context aware access to IT resources.
Many types of devices, including laptops, smartphones, and tablets, are used by end users to connect to the network wired, wirelessly, and remotely through VPN. With bring your own device (BYOD) access, the devices can be personal or corporate owned. Every enterprise has policies that dictate who can access what applications and databases, when and how. Traditionally, IT manages the policy either by introducing appliances at points in the campus where users connect or by manually configuring all the access switches. Appliances incur additional capital and operational expenses, whereas manual configuration of the switches requires maintenance of every switch. Moreover, the network can carry traffic using Ethernet, IPv4, IPv6, or other technologies, so the configuration must keep up with changes in technology, which leads to higher operational complexity and costs.
Read More »
Tags: 3560-X, 3750-X, 4500E, Cat 6500, catalyst, context-aware, secure access, Security Group tags, SGT
The former Director of Central Intelligence Directives 6/3 established specific protection levels based on an information system’s assessed level of concern. In 2008 The Office of the Director of National Intelligence (ODNI) began releasing Intelligence Community Directives (ICD) that were to eventually supersede the DCID. I’m no longer an active practitioner of Certification and Accreditation so it is unclear to me whether the ICD 500 series has actually superseded or cancelled the DCID 6/3. From my interactions over the past 18 months I’m thinking that the DCID 6/3 is still alive combined with specific ICD 500 guidance and 800-53. Regardless, in my opinion the DCID 6/3 offers some great legacy guidance for multi-tenant clouds.
Read More »
Tags: 802.1ae, 802.1x, Cisco TrustSec, cloud, CTS, DCID, Multi-Tenancy, network virtualization, ODNI, Security Group tags