After managing the sudden switch to remote work in 2020, organizations are making a more permanent transition into the flexible hybrid workforce. The Federal Bureau of Investigation (FBI) found that cybersecurity attacks rose by 3-4 times from the transition to remote work in 2020. In addition, experts predict that ransomware will cost the world up to $20 billion in 2021 and is expected to be a greater concern with the hybrid work model. As a result, you’ll need to rapidly scale your security to account for the massive influx of remote and hybrid workers while simplifying and unifying your IT systems.

While implementing security controls is increasingly important, this also means more hardware appliances and virtual instances to secure different parts of the infrastructure. All this extra equipment and instances means more power consumption and heat dissipation, leading to adverse impacts on the environment. We’re taking steps to address this situation. There are a couple of ways we’re approaching this. Cisco products have security features which are built into our switches to prevent the need for separate security appliances.

Innovative methods to detect malware within encrypted layers

As an example, let’s look at the scenario where a traditional method of securing the deployment is used for decryption and identification of malware. As shown in Figure 1, you would first need to decrypt the traffic, then apply analysis (inspection / anti-malware), and finally encrypt the traffic again. The resulting power consumption is shown in Table 1.

Figure 1. Traditional deployment using Secure Sockets Layer (SSL) inspection
Table 1. Power consumption in a traditional deployment

As displayed in Table 1, the total power consumption for all the devices is close to 9500W. In the sustainable method we offer, the Cisco Secure Network Analytics (Cisco Stealthwatch) components like Stealthwatch Management Console (SMC) and Flow Collector (FC) are virtualized, which can be deployed on the existing X86 servers without needing the additional devices as shown in Figure 2.

Figure 2. Innovative and sustainable option using Cisco Secure Network Analytics (Stealthwatch)

In this scenario, Stealthwatch’s patented technology allows analysis of encrypted traffic without decryption. The ETA module in the catalyst switch provides Stealthwatch with the extra information for the analysis of the encrypted traffic without decryption.

Table 2. Power consumption using Cisco Secure Network Analytics with Catalyst switches

As the Stealthwatch components are virtual, they can be deployed in an existing X86 server, and the power consumption is minimal as compared to the dedicated appliances.

Another way Cisco caters to sustainable cybersecurity is by ensuring that the functionalities such as load balancing, packet broker functions, switching, and routing are all included in a single appliance.

Tables 3-4 highlight the difference between the traditional method and innovative new method for total power consumed for identifying malware in encrypted traffic:

traditional method for total power consumed for identifying malware in encrypted traffic
Table 3. Traditional method power consumption

All the functionalities listed in Table 3 are now available in a single switch such as the Nexus NX 9300, which has the following power consumption:

innovative new method for total power consumed for identifying malware in encrypted traffic
Table 4. Power consumption using Cisco Nexus

This shows that there are alternate methods to detect malware within encrypted layers which are more sustainable, efficient, and less expensive compared to traditional deployments.

Take a few minutes to learn more:

Cisco Secure Network Analytics

Cisco Catalyst switches with ETA capability

Cisco Nexus 9000 Series Switches

with load balancing, packet broking, and ACL functionalities



Pramod Nair

Consulting Systems Engineer, Security

Service Provider Architecture