Avatar

This is Part 3 of our blog series about NG-Firewalls. See Part 1 here.

Part 3: Challenges of the Typical NGFW

What good is a malicious verdict on something that had already penetrated the system?

There is no system in the world that can stop 100% of attacks/attackers 100% of the time, so infection is an inevitability that must be anticipated. Something WILL get through and when it does, the quality of your threat system and incident response plan will surely be tested. The Cisco Firepower Threat-focused NGFW is designed to understand what has happened through the entire life cycle and to be able to make immediate and automatic adjustments to contain the threat and provide the Practitioner with the forensic details necessary to manage and respond to the incident.

Typical NGFW solutions add on extra defense systems (malware sandboxes, URL gateways, etc.) in an attempt to avoid this altogether with the focus on point-in-time prevention. Whether a Typical NGFW or a Threat-focused one, all use technologies like Threat Intelligence cloud lookups of known malware signatures, or even sandboxing to allow the full progression of an ‘unknown’ to operate in a contained environment and ultimately determine if clean or malicious so it can be given an accurate disposition at the initial point-in-time. How they are used is the critical point. While a threat-focused firewall integrates these functions into its core, the Typical NGFW leverages less-integrated add-on components in order to go back to step 1 and try to deny what shouldn’t get through at first sight – attempting to prevent everything with that binary decision. Great idea, except for a few critical deficiencies: First, most modern malware is sandbox-aware and only used once. Therefore, if it runs in a sandbox it may not execute the same way as it would in the wild. Signatures are only good for the 2nd time malware is seen, so a cloud lookup isn’t, with or without sandboxing, enough to confirm an unknown that only ever has one instantiation.

Continue reading “Threat-Focused NG-Firewall – Who Cares? Part 3”



Authors

Mike Storm

Distinguished Engineer

Security Business Group

Avatar

Retail companies face a landscape filled with growing and increasingly complex threats. And the financial impact of these breaches is soaring.

There are obvious financial incentives for attacking retailers because they typically don’t spend as much on security as financial institutions or government organizations, so they’ve become easy targets in recent years. According to Gartner, retailers spend about four percent of their IT budgets on cybersecurity, while financial services and health organizations spend 5.5% and 5.6% respectively. This is critical as the number of shoppers on Black Friday and throughout the holiday season continues to grow through different omnichannel opportunities. We have to be concerned and diligent because:

  • Financial organizations spent as much as $2,500 per employee on cybersecurity in 2014, while retailers only spent about $400 per employee.
  • AppRiver Global Security Report shows that 10 of the top 20 data breaches in 2015 were retailers.
  • According to research conducted by the Ponemon Institute in partnership with IBM, the average cost for each lost or stolen record has also increased. According to the study, the cost per record increased by more than 9%, from $136 per record in 2013, to $145 per record in 2014; and those numbers are still higher in the U.S., where the average cost for each lost or stolen record is $201.

Continue reading “Security Steps to Take in the Holiday Season – and Beyond”



Authors

Ron Kjelden

Managing Architect, Retail & Hospitality

Business Transformation Team

Avatar

It’s been a few months since I took on the role of Chief Technology and Strategy Officer for Cisco Services. In that time, I’ve been inspired by the senior technical talent on our team and by the amazing ways we are helping customers.

Every day, our 30 excellent Distinguished Services Engineers (DSEs), Principal Engineers, and Principal Architects are embedded on the ground, on the road, supporting our account teams and building lasting customer relationships. Our Services Senior Technical Community does it all, from delivering integral pre-sales support to serving as virtual Chief Technology Officers.

It’s clear that technology is changing our world as everyone and everything becomes more digitized. And when it comes to our technologists, they are the “final frontier” for serious issues, instrumental to our success—and that’s just their “day jobs”!

Beyond the day to day, our senior technologists participate in community-sponsored programs that deliver high value in and out of Cisco. For example, Cisco Services has a Distinguished Discussions program, where our technologists present internally to our engineering community. While this program has been around for some time, it is now being leveraged externally as part of the Technical Knowledge Library’s biweekly educational seminar series offered to customers to further their success. Continue reading “Gaining a Competitive Edge with Innovative Services”



Authors

Kip Compton

No longer with Cisco

Avatar

The Cloud Scale launch in November focused on software enhancements to the industry’s most widely deployed high-end network operating system, IOS XR. While those points were important and well received, I want to emphasize a few points on the new NCS1002 platform that was launched within the Cloud Scale initiative.

KQ60032

The Focus of the Cloud Scale launch was to show that Cisco is offering products with open programmability to new and existing markets. While Cisco has had great success in the service provider market, these new products are exceptionally complimentary to the Over The Top (OTT) and Colocation markets as well. The growth of “Cloud Exchange” as a service in Internet Exchanges and colocation sites as well as service provider data centers, requires the type of products that were announced in this release. For instance, typical cloud exchanges will use a high density switch to enable communication between OTT players, local ISPs and global carriers.

Local connections are also made to content delivery network (CDN) players such as Netflix and Akamai within the cloud exchange site. The NCS1002 might be used by a typical colocation provider in conjunction with the NCS5000 to provide the customer with single point of entry that connects to multiple providers. In fact, within the colocation itself, content providers may want to do their own interconnection with those located within the colocation area by using the NCS1002 to avoid monthly (and rising) cross connect costs. OTT, Internet Exchanges and colocation providers have been asking for open and programmable software to make service delivery at the application level more efficient and cost effective. In this case, using the optics for Data Center Interconnect (DCI) or within the data center with the aggregation router based upon IOS XR can simplify the overall network design.

Here’s a quick look Continue reading “New DC Cloud Scale Platforms – What You Really Need to Know”



Authors

Eve Griliches

Senior Product Marketing

Optical Business Unit

Avatar

Lightsaber_blue_(with_shimmering_aura)

Being fast is important this time of year.

X–Wing Fighters in “Star Wars: The Force Awakens” are fast.

Avoiding that overly excited light saber wielding fan in line requires you to be fast.

Holiday shoppers are snatching up deals fast.

Retailers with transaction spikes need to add infrastructure capacity fast.

Your customers want their IT Infrastructure services fast…and Application Centric Infrastructure (ACI) helps deliver that speed.

This IDC report shows how Pulsant – a UK based IT Infrastructure Services Provider – delivers services fast with ACI. It also quantifies the returns on that speed and other benefits. In some ways, their story is like that of many customers – they need to deliver IT services faster, they need to do more with less…you know the drill. And if you are using ACI, you also know how to address those issues. If not, take a couple minutes and check out the report. In it, Martin Lipka, Head of Connectivity Architecture at Pulsant, addresses a number of interesting issues and IDC helps to quantify them. Check out how Pulsant is:

  • Onboarding customers faster with the “simplified automation” ACI provides
  • Growing its customer base without needing to add a commensurate number of network engineers
  • Reducing the frequency of misconfigurations and improving the security of its services

In the report, Martin explains how “automation and repeatable processes enabled by Cisco ACI have benefited his company by reducing the time needed to provision network resources and speeding up deployment cycles.” For example, “Pulsant needed an average of 7–14 days before moving to Cisco ACI to deliver a bespoke cloud service to a customer, whereas it now needs only 2–3 days.” At the back end, when those services are no longer needed, “the network process of decommissioning a customer and cleansing the configuration has gone from taking hours to seconds thanks to Cisco ACI’s built-in automation.”

ACI helps Pulsant deliver services fast. ACI also delivered a return fast – ROI analysis showed a payback period of under 7 months.

In summary, if you are looking to deploy services fast, tear them down fast, get a return fast – check out the report and check out ACI.

And, oh yeah, as a public safety message, please let’s not swing those light sabers too fast tonight. May the force be with you…

Photo courtesy of commons.wikimedia.org



Authors

Craig Huitema

No Longer with Cisco

Avatar

Machinery, supply chains, and raw materials have always been core concerns in manufacturing. Today, another asset is just as critical — data.

General Electric Chairman and CEO Jeffrey Immelt said it well: “The industrial world is changing dramatically, and those companies that make the best use of data will be the most successful.”

I certainly agree. If manufacturers want to gain the agility, innovation, and hyper-awareness needed to compete and win, they must start thinking like technology companies. That means leveraging data — and the real-time insights derived through analytics — in impactful new ways.

Continue reading “Analytics: Building a Winning Strategy in Manufacturing”



Authors

Mala Anand

No Longer with Cisco

Avatar

Telecom Asia has recently announced the winners of their 8th Readers’ Choice & Innovation Awards. For the Cisco Mobility team it was a proud moment to receive the award for “NFV Innovation of the Year” for our Virtual Packet Core (VPC) solution.

Telecom Asia Image 4_15DEC2015
(Left) Dirk Wolter, Managing Director, Mobile Service Provider Architectures, APAC Region, Cisco Systems, receives the award from (right) Amelia Ng, Director, Business Strategy Planning and Alliance Partnerships, Singtel

As a reader’s choice award it validates Cisco’s industry innovation, as recognized by our harshest critics, our Service Provider (SP) customers. But more than just collecting an award for the mantelpiece (or a paperweight for Dirk!) what is important is the way innovations in NFV are translating into innovation for our SP customers’ businesses.

We see Mobile NFV is Continue reading “Telecom Asia Readers Rate Cisco VPC as NFV Innovation of the Year”



Authors

Andrew Mackay

Head of Mobile Solutions

Asia-Pacific Region

Avatar

Most of us get into the holiday spirit this time of year. Time spent with friends and family, gift giving and reflecting on our many blessings creates a positive glow for the majority. But that feeling of gratitude doesn’t have to start and end with the holidays. And it can have a really profound impact on your overall attitude, relationships AND productivity.

Here are some simple tips on how you can create a consistent “Attitude of Gratitude”:

  • First, make a conscious effort to focus on those things that are going well and are positive influences in your life. Too often we get bogged down in talking and thinking about negative people, situations or issues. All this does is perpetuate those negative feelings into wider areas of your life. Instead, at least once a day, dwell on those things that you are HAPPY about. Yes, you may have some long hours at work and your boss may be irritating sometimes. Focus instead on the flexibility your employer gives you to attend your child’s school functions or the excellent people on your team. The more you think about the positive elements, the less impact the negative areas will have.
  • Second, remember to acknowledge and thank others for even the little things. It’s so easy to forget what an impact we can have one those around us just by saying “Thank you” or letting someone know how much you appreciate them. Keep your eyes open for people who “glow” while doing their job. I’ll always remember the janitor that worked at my daughter’s kindergarten school. Whenever I saw her, she was smiling, saying “hi” to all the kids and constantly moving. She took such pride in wiping off fingerprints and cleaning up their daily messes-something most of us would dread. But the joy she felt in doing her job just radiated around her. I didn’t really know this woman, but one day I stopped and told her how thankful I was that she was there taking care of the kids every day and how wonderful it was that she enjoyed her job so much. I’ll never forget the smile she had on her face after I told her that. I hope that it made her day. It certainly made me feel great telling her that.

Continue reading “Create an Attitude of Gratitude: Not Just for the Holiday Season”



Authors

Karin Surber

Sr. Global Business Development Manager

Global Partner Strategy and Planning

Avatar

Do the names Linda Keith and Chas Chandler ring a bell? Well, without their influence, we may have never heard of Jim Hendrix.

In May 1966, Keith ran into the then-obscure Hendrix playing at the Cheetah club in New York.  “He was astonishing – the moods he could bring to music, his charisma, his skill and stage presence,” she recalls. “Yet nobody was leaping about with excitement. I couldn’t believe it.”

HENDRIXKeith convinced Chas Chandler to come see Hendrix on August 2, 1966 in Manhattan. Chandler was the bass player for the hit group “The Animals” at that time. “He was the best guitar player I had ever heard.,”  Chandler would later comment of the performance. Chandler became intent on making Hendrix a star – but to do that, Hendrix had to go to a new place to start fresh – the U.K.

Successful customer experience for contact center directors also means going to new places – organizationally. The contact center is a critical cog in the “Big 3” of customer engagement, where the propensity of customer interactions (vs. transactions) occurs between the web, the mobile device, and the contact center.  In contrast, many businesses are not organized holistically across these three critical elements. And on occasion, each domain architects conflicting business outcomes.

Leading companies view the customer journey as a singularity from a mobile, web, and contact center perspective. Managers of these domains are beginning to exist under common organizational designs. Many are beginning to report into chief experience of digital officers.

Much like Jimi Hendrix needed to make some new friends to achieve success, so it is in business. If you’re operating in isolation, expand your organizational boundaries if you haven’t yet. Make some new friends in your mobile and web application teams. Customer experience stardom may be right around the corner for you also!

Discover more about how Cisco’s customer experience offerings can help make music for your customers here: http://www.cisco.com/assets/sol/coll/use_case_tool/outcome.htm#~customersatisfaction



Authors

Zack Taylor

Director

Cisco Global Collaboration