Security is hot topic on everyone’s mind and for IT it is a constant challenge to stay ahead of the latest threats and vulnerabilities that their organizations face on a daily basis. Take a quick look at the news and it won’t take you long to find an article talking about the latest cyber attack that resulted in the leak of personal data. So what can organizations and more specifically IT teams do to protect themselves from threats and vulnerabilities. Personally I don’t think you can protect yourselves from all threats and vulnerabilities. Cyber threats will continue to exist and cyber criminals will continue to develop increasingly sophisticated attacks to evade even the most robust security barriers. Even if you were to isolate your network from the internet an intruder could overcome your physical security and launch an attack from within your organization.

So what can you do to protect yourself? I view security as a way to reduce your exposure to threats and you should at a minimum make sure you have the appropriate security measures in place to reduce your exposure to threats and vulnerabilities. While you may never be able to stay one step ahead of cyber attacks you should be in a position to detects threats and be able to mitigate them as fast as possible to reduce your exposure.

One of the main pillars of our Intelligent WAN Solution is security and when it comes to securing traffic in your branch network there are multiple approaches you can take. The two biggest factors impacting security strategy in the branch is cost and management. Placing standalone security devices like a firewall or intrusion detection and prevention (IDS/IPS) device in every branch can become expensive to maintain and deploy and the more branches you have the larger the cost. If you try to reduce costs by cutting back on security by having just a firewall and no IPS/IDS then you are exposing yourself to threats. Secondly once you have decided on a security solution how do you manage it? Security devices have to be continuously updated with the latest software to ensure they can protect you from the latest threats. If you don’t have a proper mechanism to automatically push updates out to your security devices then you are exposing yourself to threats and the longer it takes to update security devices the faster a threat can propagate through your network increasing your exposure. If you have lots of branches then you need a management solution that is scalable.

The Cisco ISR portfolio supports a number of different security technologies:

Zone Based Firewall (ZBFW)
Intrusion Detection and Protection (IDS/IPS)
Cloud Web Security (CWS) with Advanced Malware Protection (AMP)
Dynamic Multipoint VPN (DMVPN)

If you are thinking about moving to a Hybrid WAN architecture then I encourage you to attend an upcoming webinar on Thursday 22nd January at 10am PST, ‘ Securing Your WAN Infrastructure.’ This webinar will discuss in detail the different types of Hybrid WAN Deployments and which security technologies you will need and where to deploy them. We will also have a panel of security experts ready to answer your questions live.


Don’t waste any time, register now and make sure you are prepared for next threat or vulnerability that might be coming your way!


Kiran Ghodgaonkar

Senior Manager, Enterprise Marketing

Intent-based Networking Group