To be Effective, Security Must be Simple, Open, and Automated
Organizations must take advantage of the digital economy in order to succeed and grow.
But to do this, and do it securely, we can’t be compromised by complexity.
Our IT landscapes are often systems cobbled together over the years. We may have servers from 15 years ago and cloud apps from 15 minutes ago. We face a constantly evolving threat landscape of sophisticated attacks and attackers. And we often confront security problems with a patchwork of point products that don’t fit or work together.
To defend against advanced attacks and thrive in today’s digital world, we need more effective security. Security that is simple, open, and automated.
In the next few weeks we’ll look at each of these aspects of security effectiveness and discuss how Cisco is delivering products and services that are simple, open, and automated. In this post I’ll start with how we are creating simpler security experiences for customers – be it simple to deploy, manage, or scale.
Making Life Easier and Security More Effective
Leonard da Vinci said, “Simplicity is the ultimate sophistication.” I couldn’t agree more. The most effective solutions use innovation and technical know-how to take what’s complex and make it simple. We see this play out every day. From smartphones, to online shopping, to smart houses – we’ve come a long way in using technology to simplify life. Yet for some reason, when it comes to security, life isn’t so easy.
Most organizations use as many as 60 different point products to attempt to secure their network, endpoint, and cloud environments, yet we read every day about successful, damaging attacks. Would you bring 60 products to solve any other IT problem?
Deploying, managing, and scaling security tools that don’t work together easily (or at all) is time-consuming at best and often, it’s a seemingly impossible task. Too often the latest tool becomes expensive shelfware.
You can’t throw more people at the problem either – there aren’t enough. And even if there were, it’s cost-prohibitive. The scale function required to keep pace with the ever-evolving attacks and a dynamic business landscape requires consistent hiring of elite quality talent – which is very hard to consistently fund for most organizations even when supplemented or enhanced with services. To be effective, security needs to be simple.
Now you might be thinking, “Time out, the words simple and Cisco haven’t always gone together.” What’s more, “simple” probably doesn’t come to mind when you think about security. But Cisco is set on changing this. We are tackling complexity and offering simpler yet exceedingly effective security experiences to our customers. Here are just a few examples.
Cisco is creating more effective, simpler security experiences for customers.
Simple to Deploy
Need a way to combat ransomware or malvertising attacks? We can’t wait months to deploy a solution when attacks are happening now. We need to enable effective security for thousands of users in minutes, not months.
Cisco Umbrella and Cisco Advanced Malware Protection (AMP) help protect against these attacks fast. Umbrella protects employees both on and off the corporate network from making connections to bad IP addresses, URLs, and domains. It can be deployed in under an hour, and doesn’t require an agent. AMP continuously monitors network and file activity across your infrastructure. If a malicious file is seen anywhere in the world, AMP blocks it everywhere. Turning on AMP is as simple as activating a software license on many of your existing Cisco security solutions.
Simple to Manage
In my last post I talked about the new Firepower Device Manager which makes it easier than ever for network admins to run their NGFW. Workflows walk you through choosing constraints and policies from a single access control screen. Firewall, AVC, URL filtering, IPS, and AMP – done. Visualizations let you see policies and traffic so you always know exactly what is going on.
Cisco Defense Orchestrator is another example. Network operations staff can easily manage thousands of security devices (Cisco ASA, Cisco NGFW, Cisco Umbrella, and more) from a simple cloud-based portal. Without being a security expert, you can optimize, configure, and manage policies across your entire network, whether you have dozens or thousands of locations. And when you see a misconfiguration or inconsistency you can change a policy quickly. Cisco Defense Orchestrator simplifies policy management while making security policy stronger.
Simple to Scale
Security has to extend when and where you need it. To protect branch offices, you can activate a Stealthwatch Learning Networks license on an existing Integrated Service Router (ISR) to identify malicious traffic on the local network – where there is often little security deployed.
Adding Umbrella Branch to your ISR adds protection at the DNS-layer – the simplest way to prevent users from connecting to websites that host malware.
While security will always face complex challenges, you can see there’s a lot Cisco is doing to make security simple to deploy, manage, and scale. And in many instances we’re also helping you to get more from your existing security and network investments. We’re continuing to innovate across our portfolio of solutions with the aim of making security more effective and your life easier.
In my next blog I’ll talk about how our commitment to building products with openness in mind is helping us reach this objective. In the meantime, I encourage you to explore our security solutions and see how we’re making effective security simpler for our customers.