Cisco Blogs


Cisco Blog > Security

The Expanding Burden of Security

July 8, 2014 at 6:00 am PST

[ed. Note: This post was updated 7/9/2014 to include new information not available to the author at the time of original publishing]

I just returned from the Gartner Security Summit at the Gaylord Resort in National Harbor Maryland. Each morning I took my run along the Potomac River and passed this sculpture of a man buried in the sand.

KT_sandman

In speaking with many IT executives they expressed specific concerns around their IT security, and this sculpture of the “man in the sand” took on new meaning for me. I could see how they might similarly feel overwhelmed and buried given their limited resources and the abundance of threats to their environments. Yes, I’ve been in this industry too long! Anyway, throughout all of my conversations it was abundantly clear that people were looking for a new way to approach securing their networks and applications. Customers are recognizing that unsecured access to the network is a critical threat vector; however, when leveraged properly, the network itself also provides a significant platform that offers comprehensive protection to close those gaps. So, what do I mean by that?

The network uniformly sees and participates in everything across the threat continuum, whether before, during or after an attack. If we can leverage the insights and inherent control the network provides, IT organizations can truly augment their overall end-to-end security across this continuum. If done correctly, this augmentation can happen without investing a large amount of time, energy, and resources in filling all the gaps to secure their environments -- regardless of legacy network, endpoint, mobile, virtual, or cloud usage models

Cisco strongly believes that the network must work intimately with various security technologies in a continuous fashion to offer protection for networks, endpoints, virtual, data centers and mobile.

The New Security Model

Given Cisco’s breadth and depth of security, we did not have room to exhibit our networking devices. However, within much of our networking (and even security) offerings, we have embedded security capabilities that provide more comprehensive protection across the entire threat continuum.

An example of this is Cisco TrustSec embedded network access enforcement, which provides network segmentation based on highly differentiated access policies. Cisco TrustSec works with Cisco ISE to provide consistent secure access that is mapped to IT business goals. Cisco ISE and TrustSec are part of the Cisco Unified Access solution and leverage a superior level of context and simplified policy management across the entire infrastructure in order to ensure that the right users and devices gain the right access to the right resources at any given time.

Cisco’s integrated approach to security reduces complexity, while providing unmatched visibility, continuous control and advanced threat protection, which, in turn, allows customers to prioritize more efficiently and act more quickly - before, during, and after an attack. Through Cisco’s New Security Model, we help you achieve a more pleasant experience and get you dug out of the sand. To learn more and go beyond just a shovel and pail, go to Cisco’s Security Page.

Tags: , , , , , , , ,

Executing on our Vision: Cisco’s Comprehensive Advanced Malware Protection

The increased scrutiny on security is being driven by the evolving trends of expanding networks, mobility, cloud computing and a threat landscape that is more dynamic than ever. A combination of these factors has led to an increase in attack access points and a re-definition of the traditional network perimeter.

Due to these concerns, we have been strong proponents of threat-centric security that lets defenders address the full attack continuum and all attack vectors to respond at any time — before, during, and after attacks.

Read More »

Tags: , , , , , , , , ,

Intelligent Cybersecurity at Cisco Live

We are all struggling with the Security problem today. Zero-day attacks and advanced persistent threats have outpaced the capabilities of traditional security methods that rely exclusively on single-point-in-time detection and blocking. There is a tremendous amount of complexity in our environments and security expertise is in short supply. At the same time, the movement to an Internet of Everything (IoE) is accelerating and creating significant opportunities for businesses and attackers alike as more people, processes, data, and things come online.

This is why Cisco is steadfast in its charge of a threat-centric security model that addresses the full attack continuum – before, during, and after an attack.

Read More »

Tags: , , , , , , , , ,

Trends in Data Center Security: Part 1 – Traffic Trends

Organizations are quickly discovering that a “one size fits all” approach to security across the network falls short of addressing the unique trends in the Data Center. So what’s really that unique about the Data Center (DC)? This is a multi-part blog to highlight various trends related to securing the DC, with Part One focusing on traffic trends.

Read More »

Tags: , , , , ,

The Continuum Approach for Secure Mobility

May 5, 2014 at 6:00 am PST

A couple weeks ago, we spoke about the mobility journey and the phases that organizations take as they embrace the widely accepted mode of mobility—Beyond BYOD to Workspace Mobility (device-focus, application-focus and experience-focus). Whatever phase your organization is in, security is a top priority. These phases can help determine your secure mobility approach but your risk aversion level will also define it. Whatever your risk tolerance, the mobile threat landscape is extremely active and clever—do not underestimate it.

The dynamic nature of mobile threats does not stop by simply entering from your mobile device but it can further propagate and manifest across the network, wired devices, virtual, cloud and data center environments. So your secure mobility approach must be non-stop, continuous and pervasive—end to end. To hinder the chance of threat damage or inappropriate access whether intentional or not, one must offer comprehensive secure mobile access controls at the access layer across each phase of an attack, before, during and after.

Read More »

Tags: , , , , , , ,