Behind the Music: The New Threat Management with NextGen IPS CVD
If you’ve ever caught an episode of VH1’s Behind the Music, the TV series that profiles rock bands and personalities, you may agree with me that it can be fascinating. I especially like the interviews about the creative process. I’ve learned that great songs can come from just about anywhere. And that a talented group of people working together can produce amazing results.
When it comes to our Secure Data Center for the Enterprise Portfolio CVDs (Cisco Validated Designs), that’s exactly what happened. We just released the fourth CVD: Threat Management with NextGen IPS, which focuses on giving you a full set of capabilities for a threat management system. But it’s also aware that the data center has to remain efficient and support other business goals while it’s defending against cyber attacks.The development process of this CVD was strengthened because of some expert collaboration. Early on, we held a two-day brainstorming session where leading architects and engineers joined me to outline key scenarios that are validated in the design and implementation guides.
For example, it’s critical for today’s data centers to scale, and integrating security appliances can be a challenge. The design guide shows how to handle asynchronous traffic flows using context pairs. Which means you don’t need to change the data center design as you add services.
In another part of the validation process, we threw a tough failure scenario at the solution. In it, traffic was black holed indefinitely—scary in a highly available design. Some creative individuals on the team came up with a number of simple EEM scripts to avoid packet loss when a failure like this does happen. Genius! Obviously, this is critical when it comes to data center security!
Another thing that came out of the discussion with the engineers was the importance of investment protection as new products and features are released. So we made sure there’s architecture consistency in this design, whether customers want to use embedded blades in the ASA or physical appliances.
So that’s a look into the back story on the new Secure Data Center validated design. You can download it (and the other design and implementation guides in the solution) on the Cisco Design Zone page. You can also listen to Cisco Security Solutions Manager Tom Hogue and me talk about some of the technical challenges of the validation process in this video. I won’t promise an episode of Behind the Music, but you will learn more about how the solution can protect your data center against cyber threats!
Be seeing you, Bart.Tags: