How can you get your data center off to a smooth start? At the Gartner Security & Risk Management Summit this week, I presented three data center innovations that hold the key to accelerating business securely.
Ease of provisioning
According to a recent Cisco IT case study, data center provisioning times have decreased from eight weeks to 15 minutes. Security must do the same to realize the full benefits of data center automation.
Often, businesses have trouble implementing this vision because of their existing IT. The people and their skill base, the processes they use and even the technology they have implemented, are very silo-based. It is not designed to integrate into an automated, on-demand model.
There are many challenges imposed by siloed technologies when you attempt to converge or virtualize these environments. A common issue is when storage and server platforms were not designed to work together. This necessitates expensive service engagements to build. Additionally, in order to hide the associated complexity, expensive management software has to be deployed to “simplify” infrastructure deployments. This approach just doesn’t work. The result is increasing complexity that makes the architecture brittle and costly.
At Cisco, we believe it is important to look for a solution that doesn’t look at technologies, processes, and people in isolation. You can enable a powerful IT by taking a unified approach and working with technologies that are designed to work together. Your IT can be a service foundation that redefines data center economics and delivers performance, reliability, and business innovation. Unification is the element that will deliver that.
Maximized Network Performance and Resilience
On a unified network, IT can ensure the highest levels of network performance and business continuity through:
• 8x performance density over competitive firewalls and up to 1.9 million new connections per second and 80 million maximum connections per second enables Cisco firewalls to meet the most stringent performance requirements
The third innovation that can streamline your data center and accelerate your business is actionable security intelligence. A secure network can differentiate by users and their multiple devices, differentiate applications, know behaviors and ultimately confirm IT policy is aligned with business. Building trusted chains that extend from the user to the application and are uniquely aligned to business context, can ensure efficiency and security.
Learn how Cisco can help you to leverage these innovations to accelerate your business securely.
Today’s applications are either virtualized in our own data center or being hosted by any number of providers. But is our security built around our current security reality or is it living in the past? During one of my Gartner Security & Risk Management Summit presentations, I shared best practices in a rapidly changing environment, where cloud vendor hype isn’t matching our security reality. Now that everything is in the cloud, we need a strategic approach to cloud security.
Here’s how to make it happen:
Ensure safe data handling when working with cloud provider. Considering cloud providers are an extension of your business, it is vital to ensure how your provider handles security for storing and transmitting your data. What provisions are in place to make sure data is secure once it has been transmitted? Determine if your provider has firewalls, data encryption, and user authentication to keep your data safe.
Combat growing threats. As cloud-based technologies grow more sophisticated over time, so do the possibilities of threats. A proactive approach to security means that we enable technology like cloud-based threat intelligence to detect a threat as they happen – or in some cases before they happen. Other anti-threat measures such as deep packet inspection and proactive monitoring can also help combat viruses, spam and other intrusions. Learn more. You don’t have to be a security expert to take security seriously. Leverage industry bodies, like the Cloud Security Alliance, for guidance on benchmarking service provider security capabilities. Learn what certifications and security practices your cloud provider has, including daily risk audits. And look for ways to increase security processes when you work with cloud providers. See how Cisco can help you protect your business assets and meet compliance requirements.
Learn more. You don’t have to be a security expert to take security seriously. Leverage industry bodies, like the Cloud Security Alliance, for guidance on benchmarking service provider security capabilities. Learn what certifications and security practices your cloud provider has, including daily risk audits. And look for ways to increase security processes when you work with cloud providers. See how Cisco can help you protect your business assets and meet compliance requirements.
This week, Juniper Networks announced a new cloud-based threat intelligence service focused on fingerprinting attackers’ individual devices. We’d like to officially welcome Juniper to the cloud-based security intelligence market—a space where Cisco has a proven track record of leadership through Security Intelligence Operations (SIO). Imitation is indeed the sincerest form of flattery, but in Juniper’s case, they entered the market years late and with limited visibility.
Let’s take a closer look at Juniper’s latest offering.
To start, here is what we know for certain: cyber threats take advantage of multiple attack vectors, striking quickly or lurking for days, months and even years inside your network. Not only this, but the Cisco 2013 Annual Security Report showcases how the web is an equal opportunity infector, with cyber threats crossing national, geographic and organizational boundaries as quickly and easily as users can click on a link. Security solutions must understand the attacks and infrastructure they are launched from, with tracking individual hackers doing far less for your defenses than blocking malicious activity being actively distributed over the network.
The Problem of Visibility
When a detective walks onto a crime scene, they don’t just focus on one thing. The only way to understand an event is to look at the entire scene: interview witnesses, check the neighborhood and look into the history of everyone involved; in other words, context—or the “who, what, where and how” information using every available piece of data.
Just as a skilled investigator builds a holistic picture, security solutions are only as reliable as the intelligence they receive, with Juniper’s being limited by the number of “honeypots” across their customer base. In network security, focusing on a single piece of information, a single attack vector, or one delivery mechanism misses the global visibility and context needed to stop advanced attacks. Cisco SIO powers our security solutions, receiving over 100 terabytes of network intelligence across 1.6 million deployed web, email, firewall and IPS devices. We correlate this data from physical, virtual and cloud-based solutions with a world-class threat research team, augmenting all of this with an ecosystem of third-party contributors. Fingerprinting is one small tool you should deploy in your arsenal, even though it has limited utility and perhaps even limited accuracy.
“Think globally, act locally” is a phrase, now cliché, because it expresses an incontrovertible and immediately graspable truth. The global-local concept applies when it comes to mobilizing globally-collected cyber threat data, which in turn informs local IT operations against hackers and criminals. Of note, data collections spanning the globe don’t appear magically out of the blue, nor can they be engineered by just “anybody.” This crowd-sourced data must come from IT operations across the world to be collected, analyzed, and actioned. It’s a 24-hour cycle requiring the collective actions of organizations contributing to a mutually beneficial result. I have more to say about this in a video blog post on YouTube.
At Cisco Live London, one of my data center theater presentations will focus on the benefits of a context-aware and adaptive security strategy. This approach helps accelerate the adoption of virtualization and cloud, which traditional static security models often inhibit. Context-based approaches factor in identity, application, location, device, and time along additional security intelligence such as real-time global threat feeds for more accurate security access decisions.
Neil MacDonald, vice president, distinguished analyst, and Gartner Fellow in Gartner Research has been advocating the benefits of a context-based approach now for some years as outlined in his Gartner blog. Not only does he say that by 2015, 90 percent of enterprise security solutions will be context-aware but in cloud computing environments where IT increasingly doesn’t own key IT stack elements, having additional context at the point of security decision leads to better decisions with risk prioritization and business factors accounted for. Neil MacDonald also co-authored a report, “Emerging Technology Analysis: Cloud-based Reputation Services,” which highlights the value of cloud-based threat intelligence in enabling secure cloud adoption.