Cisco Blogs


Cisco Blog > Security

The Three Pillars to Cisco’s Secure Data Center Strategy: Part 2 Threat Defense

In part one of our series on Cisco’s Secure Data Center Strategy, we did a deeper dive on segmentation.  As a refresh, segmentation can be broke into three key areas. The first, the need to create boundaries is caused because perimeters are beginning to dissolve and many environments are no longer trusted forcing us to segment compute resources, the network and virtualized attributes and environments. Along with segmenting physical components, policies must be segmented by function, device, and organizational division. Lastly, segmenting access control around networks and resources whether they are compute, network, or applications offers a higher level of granularity and control. This includes role-based access and context based access.  Ensuring policy transition across the boundaries is of primary concern. To learn more on segmentation go here.

Today we will dive deeper into Cisco’s security value-add of threat defense.

Technology trends such as cloud computing, proliferation of personal devices, and collaboration are enabling more efficient business practices, but they are also putting a strain on the data center and adding new security risks.  As technology becomes more sophisticated, so are targeted attacks, and these security breaches, as a result, are far more costly.  The next figure is from Information Weeks 2012 Strategic Security Survey and illustrates top security breaches over the previous year.

Read More »

Tags: , , , , , , , , , , , , , , , , , , ,

The Three Pillars to Cisco’s Secure Data Center Strategy: Part 1 Segmentation

Last week Cisco announced several new products in it’s Defending the Data Center launch. These included the Cisco Adaptive Security Appliance Software Release 9.0, Cisco IPS 4500 Series Sensors, Cisco Security Manager 4.3, and the Cisco ASA 1000V Cloud Firewall, adding enhanced performance, management, and threat defense capabilities. Core to this launch was also Cisco’s new strategy for developing Secure Data Center Solutions, a holistic approach similar to what Cisco previously did with Secure BYOD. This new strategy integrates Cisco security products into Cisco’s networking and data center portfolio to create validated designs and smart solutions. Organizations that lack bandwidth and resources or the know how to test and validate holistic designs can simply deploy template configurations based on pre-tested environments that cover complete data center infrastructures. These designs enable predictable, reliable deployment of solutions and business services and allow customers infrastructures to evolve as their data center needs change.

In developing this strategy we interviewed numerous customers, partners and field-sales reps to formulate the role of security in the data center and how to effectively get to the next step in the data center evolution or journey, whether you are just beginning to virtualize or have already advanced to exploring various cloud models. Three security priorities consistently came up and became the core of our strategy of delivering the security added value. They are Segmentation, Threat-Defense and Visibility.  This blog series, beginning with segmentation, will provide a deeper dive into these three pillars.

Segmentation itself can be broken into three key areas. Perimeters are beginning to dissolve and many environments are no longer trusted, forcing us to segment compute resources, the network, and virtualized environments to create new boundaries, or zones. Along with segmenting physical components, policies must include segmentation of virtual networks and virtual machines, as well as by function, device, and logical association. Lastly, segmenting access control around networks and resources whether they are compute, network or applications offers a higher level of granularity and control. This includes role-based access and context based access.  Let’s discuss even deeper.

Read More »

Tags: , , , , , , , , , , , , , , , , ,

Cisco UCS Establishes #1 Overall VMmark Score with World-record-setting 8-node VMware VMmark 2.1 Benchmark Result

Cisco continues its cloud computing performance leadership with the announcement of Industry’s First VMware vSphere 5.1 Benchmark Result published on September 5th 2012.

With this world-record-setting 8-node VMware VMmark 2.1 score of 42.79@36 tiles, Cisco UCS is best in performance,  best in scalability, and the result is the first to incorporate VMware vSphere 5.1—all critical contributors to effective cloud computing environments.

UCS has established many records for Cisco and for the industry with this benchmark result.

  • Cisco is best in performance, with a result more than double HP’s best result of 18.27@18 tiles.
  • Cisco is best in scalability, outperforming Fujitsu’s result of 36.07@36 tiles by more than 18 percent.
  • The Cisco UCS results show that eight 2-socket Cisco UCS B200 M3 servers outperform four 4-socket Fujitsu servers, contradicting the conventional wisdom that vertical scaling outperforms horizontal scaling.
  • Cisco is the first to publish VMmark benchmark results on VMware vSphere 5.1, demonstrating the speed at which Cisco UCS can adapt to support new environments and surpass the competition

Read More »

Tags: , , , , ,

Anticipate Business Risk When Considering Technology Investments

We could debate whether certain technologies are or are not a commodity, but the fact of the matter is when many enterprises evaluate their technology spend they consider two points: function and cost.  This viewpoint yields initial cost savings when technology investements are awarded solely based on price.  Unfortunately, a major consideration has been left out when evaluating enterprise technology investments mainly on price.  The business risk and increased operating costs associated with multivendor environments, which in the long run may mitigate any initial cost savings.

This message is not new, but what is new is a research paper from Deloitte that details the value of a single-vendor architecture in mitigating business risk and those investing in technology need to consider these risks at the time of evaluation.  This paper is a great lead in for the business architecture discussion that will translate to the technical architecture.  This paper does two things: Read More »

Tags: , , , , , , ,

Windows Server 2012 and Virtual Networking Environments Webinar

September 12, 2012 at 10:38 am PST

One area in Microsoft’s new Windows Server 2012 operating system and cloud platform that has seen a lot of innovation is in networking.

Here, Cisco has been collaborating closely with Microsoft at the R&D level for some time on technical and product integration.  We’ve got an upcoming webinar on Sept. 26 focusing on Windows Server 2012 and Virtual Networking. Cisco Nexus 1000V Product Manager Appaji Malla and Microsoft Networking MVP John Savill will be co-presenting.  

If you are interested in Windows Server 2012 and  virtual networking scenarios, then feel free to register here.

 

Tags: , , , , , ,