Lock It Down or Free It Up?

March 1, 2012 - 0 Comments

On February 29th, Christopher Young, Senior Vice President of Cisco Security, delivered a rousing keynote address at the RSA 2012 conference in San Francisco.

The title and theme of his presentation, “Lock it Down or Free it Up?”, spoke to the dilemma organizations of all sizes face every day.

Today organizations face an array of challenges, as they attempt to balance security with productivity. Today’s workforce is more global and mobile than ever before; applications are no longer monolithic and locally controlled, but can consist of dozens of microapplications that are controlled by disparate organizations and delivered locally, globally, or in the cloud; and network access can be obtained from anywhere in the world, from a wide range of personal and corporate-owned devices.

All of these business realities have dramatically amplified network complexity, requiring firewall administrators to choose between enabling the anytime, anywhere, any device access required for employee productivity, and the degree of security required to protect the business. In other words, they’re faced with the decision of what to do with their network and data – should they lock it down, or free it up?

The problem, of course, is that the answer isn’t black and white. Organizations can neither completely open up their networks, nor completely lock them down; either extreme would hurt them – either by killing their productivity or by opening them up to a plethora of threats. As companies continue to migrate toward cloud-based models and further embrace BYOD to maximize workforce productivity, network security is becoming increasingly complex.

Striking a balance between productivity and security requires a new level of network visibility and control – one that enables organizations to not only see what’s going on within their local network and the external global network, but also to make intelligent security decisions based on that intelligence, for enhanced control over what they allow.

As Mr. Young pointed out, the answer lies in developing intelligent networks that integrate security technologies and context awareness to deliver granular control over who, what, where, when, and how company data is accessed.

Cisco understands these complex needs, and delivers a set of security products, technologies, and solutions to help organizations of all sizes take control of their complex and evolving network security needs without compromising flexibility. The overarching solution is the Cisco SecureX Framework, a context-aware, network-centric approach to security that enables consistent security enforcement throughout the organization, greater alignment of security policies with business needs, integrated global intelligence, and simplified delivery. The result is intelligent security enforcement – from endpoints, to the data center, to the cloud.
The Cisco SecureX Framework is delivered through a set of security solutions:

  • Cisco ASA CX Context-Aware Security extends the ASA platform to provide deep insights about what is happening throughout the network, to provide organizations with a deep level of network insight and control enterprises need to allow legitimate business traffic, while maintaining the highest levels of security
  • Cisco TrustSec 2.1, which leverages new device sensors that are integrated into the network to automatically detect and classify all devices attaching to the network; and broadens support for its innovative SGA technology for exceptional control with policy-based enforcement across the wired and wireless infrastructure
  • Cisco AnyConnect Secure Mobility, which provides secure remote connectivity between the corporate network and a wide range of devices, and delivers detailed information on the type, location, and posture of mobile devices before they can access the network
  • Cisco Security Intelligence Operation (SIO), which delivers proactive, reputation-based threat protection backed by global correlation – for near-real-time protection from zero-day malware
  • The result of all of this is intelligent security enforcement – from endpoints, to the data center, to the cloud – that is seamless to the end-user and more efficient for the IT organization.

    By increasing overall network visibility and control while maintaining secure access for devices and applications, organizations can achieve extraordinary new levels of efficiency and worker productivity, without sacrificing network security.

    For more information, see Christopher Young’s RSA 2012 Keynote Address video above or visit the Cisco RSA 2012 Conference page.

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.