Extending Intent-Based Networking to the Internet of Things
The Internet of Things has changed the game for network professionals. Instead of being responsible for keeping people’s computers and smartphones online and keeping the data on servers secure, on today’s networks, network professionals are becoming responsible for keeping new kinds of devices – and many more of them – connected, protected, and available.
Every one of these new devices is on the network to help your business’ bottom line, from smart light switches in a building, to IV pumps in a hospital, to oil temperature sensors on a drilling rig, to industrial controls. Our reporting shows that by 2020, 46% of network devices will communicate machine-to-machine.
Each new device is a potential security vulnerability; 35% of respondents to Gartner’s IoT Backbone Survey cite security as a top barrier to IoT success*. According to our Midyear Cybersecurity Report, attackers now have the ability to infect 100,000 IoT devices in a 24-hour period.
Cisco has been working on building networks to support the IoT for years. Ultimately, IoT will have a big enough impact to force a fundamental change in how we create and manage networks. The technical challenges are substantial. But there are business opportunities to make the work worthwhile for Cisco customers and partners.
This is why we are leading the network industry’s transformation to Intent-based Networking. It’s what allows network professionals to manage the onboarding and administration of network-connected devices at scale. We are delivering new software to help IT teams identify, locate and set policy for IoT devices, then scale policy activation across IT and lines of business, and finally provide real-time insights for more efficient operations.
Today we are announcing Cisco DNA enhancements, aimed at further helping you manage the changing extent of networks and expanding the benefits of intent-based networking to IoT. We’re committed to doing everything we can to help you make the transition to IoT-heavy, extended enterprise networks easier. Here are three big improvements:
- Increasing IoT Visibility and Security with Identity Services Engine
You can’t secure what you can’t see. Cisco is tackling the biggest barrier to IoT adoption by providing greater visibility into and insight about the IoT devices joining your networks.
Cisco Identity Services Engine (ISE) is software that recognizes devices as they connect, reporting detailed data like manufacturer, model number, and software installed. ISE controls access across wired, wireless, and VPN connections to the corporate network and enriches Cisco DNA Center with user and device details for more actionable intelligence.
In the latest software upgrade to ISE, Cisco has doubled the number of IoT device and user device groups that can be automatically classified and identified, including those using industrial and building protocols like BACNet, Profinet, CIP, and Modbus. Getting our networks to recognize the influx of new devices that are coming online is the first step in successful management of them.
- Scaling Software-Defined Access (SD-Access) to the Extended Enterprise
We introduced SD-Access last June as a revolutionary new model for network administrators to automate access configuration and management. It’s how you can cope with the explosion in the number of devices coming online. SD-Access allows you to more easily protect your network, data and applications by simplifying the deployment of network segmentation. This segmentation is expressed in rules that match how companies think about their business policies, versus the physical characteristics of the network. Networks built with SD-Access are more secure, more flexible, and easier to maintain and manage. They are what we need to handle the dynamic nature of today’s users and devices.
Now, Cisco is extending the benefits of SD-Access from the campus to the extended enterprise (such as distribution centers, warehouses, or manufacturing plants) and outdoor environments (roadways or oil rigs). This latest Cisco DNA Center software release supports select Industrial Ethernet Switches, Compact Switches and Digital Building Switches. It enables IT to easily extend network policies across outdoor and non-carpeted spaces with no additional management overhead. At the same time, it allows you to leave the management of individual endpoints to business operations teams. Operations teams will no longer need to manage a multitude of networks, and IT can manage and secure operational environments with confidence.
- Leverage the Network to Optimize Business with Operational Insights
Our new Operational Insights cloud-based service leverages network intelligence to optimize and secure business process. Our tools provide IT teams with location analytics to track assets and IoT devices, in addition to collecting data from sensors. The network can now automatically notify personnel to take specific actions at specific times based on sensor and location data. There are use cases in multiple industries, including healthcare, manufacturing, and retail, that illustrate the need for increased safety and optimized operations. For example, critical healthcare equipment can be located in real-time while retailers can determine if a high-value item being returned was actually purchased.
Operational Insights gives your business a level of visibility into its capital equipment that goes beyond basic connectivity, to actionable insights.
Taken together, these upgraded capabilities point to a network platform for managing connected devices that is very different from the traditional, port-based, rules-heavy scheme most network managers grew up with. Intent-based networking tools like these don’t just make managing devices more intuitive, they are absolutely necessary to handle the explosion in connections coming from IoT devices. And when you need that extra help introducing IoT devices and continuing on an intent-based networking journey, Cisco Services and our partner ecosystem offer a team of experts to help you minimize risk, accelerate innovation and maximize ROI.
In addition to the new technologies above, our teams have been busy at work to roll out more intent-based networking innovations, including our new Catalyst 9500 supporting 100G with services, the smartest AP with the Aironet 4800, and new Routing Software Subscriptions that allow customer to get world class SD-WAN on any platform.
*Gartner, IoT Challenges and Opportunities in 2017: A Gartner Trend Insight Report, April 2017