Securing today’s dynamic enterprise applications requires deep visibility, automated recommendations, efficiency at scale, and a modernized approach. With hybrid and multi-cloud adoption, traditional network-based security ran into limitations in mitigating modern day threats. As organizations move their applications and workloads to the cloud, the complexity of their environment increases. They can lose visibility into their cloud-based workloads and those blind spots can be fatal. To ensure application and workload protection, there is a need for visibility into application environments and reducing the attack surface. Microsegmentation solutions drastically reduces the risk of threat actors being able to spread laterally across application environments to mount sophisticated attacks.

To address this demand, IBM and Cisco partner to help organizations adopt a modernized and robust IT security strategy on IBM LinuxONE and Linux on IBM Z to accelerate digital transformation, avoid disruptions and combat cyber threats even better. While IBM infrastructure provides not only high availability, but also robust, always-on encryption of data-at rest, Cisco enhances customers’ security posture with workload microsegmentation. Cisco Secure Workload, part of Cisco’s broader Secure Firewall portfolio provides this microsegmentation capability on IBM LinuxONE and Linux on Z platform. This granular segmentation capability empowers organizations to successfully execute a zero-trust approach for their application security. The Linux on IBM Z platform is an ideal choice for customers with demanding requirements, as it combines a robust digital engagement solution with the highest level of security, reliability, and performance.

Holistic workload protection for hybrid cloud

Cisco Secure Workload on IBM LinuxONE and Linux on Z platform brings fit-for-purpose microsegmentation that supports business-critical workloads. Secure Workload delivers automated microsegmentation with recommendations based on your environment. It reduces lateral movement, provides granular visibility, including real-time awareness of changes in the application environment, to strengthen the security posture of your applications.

Whether you integrate Cisco Secure Workload with IBM LinuxONE and Linux on Z in a stand-alone datacenter, or as a foundational element across a hybrid and multi-cloud infrastructure, Cisco Secure Workload brings a zero-trust approach that reduces attack surface, contains lateral movement, and identifies workload behavior anomalies, helping you to remediate threats quickly.

Secure Workload use cases 

Secure Workload delivers zero-trust application security, reduces risk, and maintains compliance with:

  • Auto-generated policies built through comprehensive analysis of application communication patterns and dependencies
  • Consistent policy enforcement at scale through distributed control of native host firewalls and infrastructure, including ADCs (application delivery controllers) and firewalls
  • Coordination of policies across East-West and North-South traffic flows. Comprehensive visibility and awareness of changes in your application communications drive automated firewall policy recommendations. Unlike other firewall providers, only Cisco has integrated firewall and microsegmentation capability
  • Near real-time compliance monitoring of all communications to identify and alert against policy violation or potential compromise
  • Common vulnerability detection with dynamic mitigation and threat-based quarantine

IBM Z and Cisco Security go further together

IBM LinuxONE and Linux on Z platforms provide the unique benefit of pervasive encryption of application workloads, cloud services, and databases. Selective data encryption, the traditional method for protecting data, can be costly and resource-intensive. With pervasive encryption on Linux on IBM Z platforms, organizations no longer need to choose which data to encrypt. Encryption at the network level helps protect data from potential attacks while in flight. Encryption at the data set level mitigates insider attacks that could compromise unencrypted data. Moreover, Secure Firewall integrates with Cisco Secure workload and provides advanced features, including Snort 3 IPS.

For additional information, check out:

Cisco Threatwise TV episode – https://www.cisco.com/c/en/us/products/security/threatwise-tv-demos/cisco-ibm-partners-secure-applications.html

Cisco Secure Workload – https://www.cisco.com/c/en/us/products/security/tetration/index.html

IBM Z and Cloud Modernization Center – https://www.ibm.com/community/z-and-cloud/


We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!

Cisco Secure Social Channels



Vibhuti Garg

Product Marketing Manager - Security and Data Center

Cisco Security