The impact of recent events over the last year on the networking landscape cannot be emphasized enough. Organizations have undergone rapid transformation, moving to telework and dissolving the concept of a defined security perimeter. The explosion of distributed endpoints, brought about by employees working remotely, and proliferation of destinations with applications moving to the cloud, has surfaced unprecedented security challenges from a multitude of unknown threat vectors.
The scale and impact of these threats has humbled and humiliated the most powerful corporations on the planet. The Federal Bureau of Investigation reported that 2500 American institutions were victims of cybersecurity attacks last year—a 66% increase from 2019. American organizations paid at least $350 million in cryptocurrency in 2020 as a result of ransomware attacks. *
Inadequacies in network infrastructure combined with software vulnerabilities have emboldened attackers to target institutions, disrupting their business operations and hurting profits. The recent spate of damaging cybersecurity incidents against JBS Foods, Colonial Pipeline, transportation systems in NYC, United Health Services, and other sectors has demonstrated the impact of attacks that threaten the day-to-day essential services of millions of people. It should be a wake-up call that no IT infrastructure is completely insulated from threats. All organizations should urgently review their existing deterrents and implement best practices to fortify the enterprise against threats.
The Zero-Trust Security Framework is the Antidote to the Pandemic of Cyber Attacks
Cisco’s Zero Trust Framework is the remedy for this pervasive malaise. With a “Never Trust, Always Verify” approach, its core focus is to minimize data breaches by stopping east-west infections and reducing the attack surface across the enterprise network by:
- Establishing a level of trust by identifying endpoints as they onboard the network, defining their roles, and assigning access policies
- Enforcing trust by segmenting the network to secure network and resource access and prevent the spread of east-west threats
- Verifying trust by continuously monitoring each endpoint for anomalous behaviors
Cisco SD-Access Reduces Risk
Cisco DNA Center offers a solution with SD-Access that delivers a zero-trust outcome from the campus workplace to remote workforce, branch sites, and applications. The Cisco DNA Center Endpoint Analytics application uses deep packet inspection and Machine Learning to identify, profile, and group endpoints. Policy Analytics enhances visibility by continuously analyzing traffic flows, making it easy for administrators to define and enforce macro and micro segmentation across the automated fabric. Cisco’s latest innovation around Trust Analytics constantly assesses risk by monitoring endpoint vulnerabilities and anomalous behavior at Day N. This definition of trust and endpoint context can be extended beyond the enterprise through the SD-WAN to data center and cloud networks with policy integrations.
SD-Access Provides an Easier Way to Start to Zero-Trust Security
To deliver zero trust, SD-Access depends on a modern network infrastructure with Cisco DNA Center and an automated switching fabric. It’s now easier to embark on the SD-Access journey with existing network designs, including L2 segments and Network Admission Control (NAC) solutions, based on business priorities and desired outcomes.
The segmentation catalog is expanding to offer “multiple journeys” that make it easier to evolve networks in a step-by-step process that aligns with your business outcomes. By decoupling SD-Access constructs, we are enabling organizations to plan their own journey, minimizing business disruptions while at the same time, taking advantage of benefits along the way.
Preserve Existing VLANs in Layer 2 Access Networks
Integrating existing Layer 2 switching domains with SD-Access is sometimes challenging. It requires IT to reconfigure the VLANs in their infrastructure to match the fabric VLANs—a process that can be both disruptive and time-consuming.
SD-Access introduces the ability to retain the existing access VLANs when creating macro segments in fabric. IT can now define the VLAN ID in fabric for their Layer 2 access networks so that external switching domains can connect to Edge Nodes. This enables IT to connect external switches without operational inconveniences.
SD-Access Trust Analytics Completes a Zero-Trust Journey
Using Endpoint Analytics, Cisco SD-Access establishes an initial level of trust by identifying each endpoint that onboards the network. Now, with the addition of Trust Analytics, IT can monitor trust continuously after the initial onboarding.
To generate a single comprehensive score that reflects an endpoint’s trust level, Trust Analytics takes each endpoint’s interactions within the network, evaluates its security posture, assesses its vulnerability to external attacks, and checks its credentials. The Trust Score is reported as low (1-3), medium (4-7), or high (8-10), depending on the probability of infection. Trust Analytics detects traffic from endpoints that exhibit unusual behavior by pretending to be trusted endpoints, using MAC Spoofing, Probe Spoofing, or Man-in-the-Middle techniques. When Trust Analytics detects such anomalies, it signals Endpoint Analytics to lower the endpoint’s Trust Score so that its network access is limited or denied entirely.
Supplementing the network with Cisco Identity Services Engine (ISE) completes the continuous trust cycle by aggregating device classification, segmentation rules, and trust analytics to monitor, identify, and isolate any detected device anomalies that can indicate a breach or infection. Cisco ISE provides rapid threat containment and remediation by automatically detecting and isolating suspicious devices or people logging in from unusual or unknown locations.
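The continuous-verification loop described above (behavioral anomaly lowers the trust score; the score band drives the access decision) can be modeled in a few dozen lines. The following Python is an added illustration written for this post, not code from Cisco, Trust Analytics, Endpoint Analytics, or ISE. The telemetry schema, the three heuristics (a MAC seen on two access ports within a short window, a change in DHCP fingerprint, and an ARP reply claiming the gateway IP), the penalty weights and the sample events are all constructed assumptions; only the 1-3 / 4-7 / 8-10 bands come from the post.

```python
"""Hypothetical trust-score pipeline for endpoint continuous verification.

An endpoint starts fully trusted after onboarding. Each observation that
contradicts its established identity lowers the score, and the resulting
band (low/medium/high, as in the post) maps to an access decision.
Heuristics, weights and telemetry are constructed for this example.
"""
from collections import defaultdict
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class Observation:
    """One constructed telemetry event for an endpoint (assumed schema)."""
    t: int                    # seconds since start of the observation window
    mac: str
    port: str                 # access switch port the frame was seen on
    ip: str
    dhcp_fp: str              # DHCP option-55 parameter list used as a device fingerprint
    claims_gateway: bool = False   # endpoint answered ARP for the default gateway's IP


GATEWAY_IP = "10.0.0.1"       # constructed
PORT_FLAP_WINDOW = 60         # seconds; same MAC on two ports inside this window is suspicious
PENALTY = {"mac_spoof": 5, "fingerprint_mismatch": 3, "mitm": 6}   # assumed weights


@dataclass
class EndpointState:
    score: int = 10                               # fully trusted after onboarding
    known_fp: Optional[str] = None                # fingerprint learned on first sight
    last_port: Optional[Tuple[int, str]] = None   # (time, port) of the previous frame
    anomalies: List[str] = field(default_factory=list)


def band(score: int) -> str:
    """Map a 1-10 trust score to the post's low/medium/high bands."""
    if score <= 3:
        return "low"
    if score <= 7:
        return "medium"
    return "high"


def access_policy(score: int) -> str:
    """Enforcement decision derived from the band: deny, limited, or full access."""
    return {"low": "deny", "medium": "limited", "high": "full"}[band(score)]


def evaluate(observations: List[Observation]) -> Dict[str, EndpointState]:
    """Replay observations in time order and return the per-MAC trust state."""
    states: Dict[str, EndpointState] = defaultdict(EndpointState)
    for o in sorted(observations, key=lambda x: x.t):
        st = states[o.mac]
        # MAC spoofing heuristic: the same MAC appears on a different access port
        # too quickly to be a physical move.
        if (st.last_port is not None and st.last_port[1] != o.port
                and o.t - st.last_port[0] <= PORT_FLAP_WINDOW):
            st.anomalies.append("mac_spoof")
            st.score -= PENALTY["mac_spoof"]
        st.last_port = (o.t, o.port)
        # Fingerprint mismatch: the device behind this MAC now looks like a different OS.
        if st.known_fp is None:
            st.known_fp = o.dhcp_fp
        elif st.known_fp != o.dhcp_fp:
            st.anomalies.append("fingerprint_mismatch")
            st.score -= PENALTY["fingerprint_mismatch"]
        # Man-in-the-middle heuristic: a non-gateway host answers ARP for the gateway IP.
        if o.claims_gateway and o.ip != GATEWAY_IP:
            st.anomalies.append("mitm")
            st.score -= PENALTY["mitm"]
        st.score = max(1, st.score)   # keep within the 1-10 range
    return dict(states)


SAMPLE: List[Observation] = [   # constructed telemetry
    Observation(0,  "aa:bb:cc:00:00:01", "Gi1/0/1", "10.0.0.11", "1,3,6,15,119,252"),
    Observation(30, "aa:bb:cc:00:00:01", "Gi1/0/1", "10.0.0.11", "1,3,6,15,119,252"),
    Observation(0,  "aa:bb:cc:00:00:02", "Gi1/0/2", "10.0.0.12", "1,28,2,3,15,6,119,12,44,47"),
    Observation(20, "aa:bb:cc:00:00:02", "Gi1/0/7", "10.0.0.12", "1,3,6,15,119,252"),
    Observation(0,  "aa:bb:cc:00:00:03", "Gi1/0/3", "10.0.0.13", "1,3,6,15,119,252"),
    Observation(5,  "aa:bb:cc:00:00:03", "Gi1/0/3", "10.0.0.13", "1,3,6,15,119,252",
                claims_gateway=True),
]

if __name__ == "__main__":
    for mac, st in evaluate(SAMPLE).items():
        print(f"{mac}  score={st.score:2d}  band={band(st.score):6s}  "
              f"policy={access_policy(st.score):7s}  anomalies={st.anomalies}")
```

On the constructed sample, the first endpoint stays at 10 (full access), the second is penalized for both the port flap and the fingerprint change and drops to 2 (deny), and the third loses 6 points for the gateway-ARP claim and lands at 4 (limited). In a real deployment the penalties and windows would be tuned against baseline data, and the "limited" outcome would be an ISE authorization change rather than a string.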
Start Securing Your Network Today with a Zero-Trust Security Framework
We are well into a global digital pandemic, and companies need to reassess their existing security protocols and revamp their cyber defenses, or create them where none exist. Cisco’s SD-Access Zero-Trust Security Framework makes it easier to evolve an existing traditional network into a modern, automated, and secure one in a stepwise manner, with minimal disruption to the workforce and business operations. To stop the digital pandemic, start with the basics. Start with SD-Access.
For more details, please read Establish, Enforce, and Continuously Verify Trust with SD-Access in Simple Steps, listen to the podcast S8|E21 Simple Steps to SD-Access Adoption, and watch Tech Field Day Cisco Software-Defined Access Migration.
*WSJ: Beyond Colonial Pipeline, Ransomware Cyberattacks Are a Growing Threat
Kanu, good explanation within the context of Pandemic.
Excellent, very informative write-up Kanu – Thank you!!