Lippis Report 194: One Network, One Company, Cisco Systems

Cisco is fundamentally changing the way it approaches network access by prioritizing research and development to deliver a common user experience independent of whether access is wired, wireless or remote. In addition, to simplify network operations and reduce opex, Cisco is unifying its product management suites and centralizing policy definition for network access. Its approach is to deliver to IT business leaders a unified access, or holistic, solution that spans wired, wireless and remote network access with a common security and management framework. Cisco calls this new approach Cisco Unified Access.

What’s driving this change at Cisco is plain and simple: the market and the way people work have changed. Mobile and cloud computing plus video communications and machine-to-machine (M2M) traffic are massively strong trends that will only increase and stress traffic flows over enterprise networks. For those not familiar with M2M traffic, the Economist in 2007 predicted that there will be a trillion connected devices in 10 to 15 years, while the Wireless World Research Forum predicts 7 trillion devices by 2017!

B.Y.O.D., or bring your own device, is in full swing with 95% of organizations now allowing employee-owned devices in some way, shape or form in the office, while 36% of surveyed enterprises provide full support for employee-owned devices. The trend toward universally-deployed mobile devices will continue to gain momentum, as 15 billion new devices will be shipped by 2015. The general trend for mobility is characterized by a Compound Annual Growth Rate (CAGR) of 17% over the next several years.

In addition to mobility, virtual desktop infrastructure or VDI options and deployments continue to expand and gain market share during the current business cycle. According to ABI Research, the worldwide market for hosted virtual desktops is forecast to grow from about $500 million in 2009 to a cumulative total of nearly $5 billion in 2016. In addition, there are nearly 50 million UC users according to Frost & Sullivan. Video traffic is pushing the internet into the Zettabyte Era with 1.2 million video minutes or 2+ years of traffic flowing over the internet every second by 2016, according to Cisco Systems. It’s safe to say that most, if not all, corporations have a combination of UC and video traffic flowing over their network.

IT business leaders are demanding a network infrastructure that converges wired, wireless and remote access, is cloud ready, supports video and is prepared for the onslaught of M2M communication, especially in the retail sector.

IT Business Leader Challenges

These trends are creating unique IT challenges as business leaders seek to provide a consistent user experience across network access technologies and scale their infrastructure to meet demand without adding operational complexity. It’s hard not to have a complex access network today, as wired, wireless and remote access technologies were introduced to market at different times. Therefore, most have different management systems, security options, policy provisioning, etc. In addition, network services such as security, quality of service, network visibility, and real-time video and voice support did not transcend the three network access approaches.

Consistent User Experience

It was only a few years ago that the primary network requirement was to provide network access on a 24×7 basis. But now with the huge growth in mobile devices, plus approximately 55% of employee populations being located in branch offices, IT is challenged to deliver a common user experience independent of access method, be it wired, wireless or remote. What this means is that the same performance, security assurances, quality and overall user experience need to be unified. In short, IT has given up control of which mobile devices are to be used on the corporate network and is tasked with delivering a consistent user experience, whether that user device is an iPad, Android smartphone, desktop, laptop, reader, etc., connecting at headquarters, remote site or wirelessly at either.

Network Infrastructure Readiness

In addition, since the deep recession of 2008, business leaders have not kept up their network infrastructure to meet increasing traffic demand. This has left many with infrastructure unprepared to capitalize on business and technology changes or opportunities. In fact, many IT departments are shifting their procurement posture from what was once “nice to have” to now “must have.” A good example of this is the slow growth of desktop virtualization, as IT architects have not prepared their network infrastructure to support this important, budget-reducing application.

In addition, many IT departments deployed WLAN haphazardly, meaning that their WLAN was built access point by access point without an overall plan. In short, many are not engineered to be a mission-critical business asset that provides visibility, control and scalability. So the question many IT business leaders are asking is this: “Is the existing network infrastructure able to support the type of explosive growth in mobility, cloud, video and M2M?”

Too Many Management and Policy Systems

The above trends have forced a massive change in operational models too, increasing complexity, which drives up operational cost. If additional funding is not provided to manage the increased complexity, then reliability, scalability and performance suffer. For example, during the 90s and most of the 2000s, the wired Ethernet switch and router network was the focus of network operations to assure its mission-critical status. Today, there are multiple access networks with unique security models, access methods, credential requests, etc., and IT architects are challenged to provide consistent policy, management and security that span all networks, delivering both operational efficiency and a common user experience.

Cisco Unified Access

The above discussion can be summed up this way. Over the past several years, a huge gap has been created in IT operations, user experience and infrastructure readiness. To close this gap, Cisco has organized various internal groups to deliver Cisco Unified Access. Cisco Unified Access is an approach characterized by one policy, one management and one network. One policy means a centralized context-aware policy platform that is primarily designed to ensure policy consistency that is enforced throughout the network. One management means a single pane of glass to manage wired, wireless and remote access networks with its primary mission to simplify operations via a unified architecture.

Consider how differently people work now than just a few years ago. For example, first thing in the morning, a doctor may check her iPhone for important emails before traveling to her office for scheduled patient office hours. She updates patient health records, issues prescriptions, collaborates with colleagues, etc., via her desktop and laptop computers while in her office. She then travels to the hospital she’s associated with to check on the health of patients. While at the hospital, she uses her iPad to view patient records, answer nurse and family questions, and approve new drug therapies. She videoconferences with other doctors providing care to the same patient to assure treatments are effective on multiple levels. On the way home, she stops at a Starbucks for a coffee and VPNs into the office to update a patient record. She leaves the office a little early to watch her son’s soccer game, checking email intermittently and surfing for a birthday gift during half time. After dinner, she checks the status of a patient and updates another’s record via VPN into her office.

This is but one outcome example of how Cisco’s Unified Access promises to deliver value. In this example, policy and security followed the doctor throughout her day while utilizing a wide variety of computing devices, both mobile and fixed, local and remote. Her network access methods changed throughout the day, but her experience was consistent and unique to the device she used. In essence, all the networks she utilized worked as one unified network.

One Policy

Policy, or the ability to establish rules for network access security, which may include AAA services, posture assessment, guest access services, device profiling, etc., is delivered via Cisco’s ISE, or Identity Services Engine. ISE is a centralized policy platform where security policy is defined. Once policy is defined, ISE distributes it to many different infrastructure components, creating a distributed enforcement scheme.

From an operational point of view, ISE simplifies policy creation and implementation because policy definition is centralized while enforcement is distributed and automated. From a user point of view, ISE provides a common access experience where credentials are assessed and approved access is provided independent of endpoint device, location and network access. In addition, ISE enables easy self-provisioning of a user’s device, thanks to policy integration with mobile device management (MDM) solutions, such as AirWatch, MobileIron, ZenPrise and Good Technology, providing quick on-boarding of mobile endpoints.

One Management

To reduce operational complexity, Cisco has integrated its Ethernet switching and WLAN management systems, Cisco LMS and Cisco WCS, into Cisco Prime Infrastructure. Cisco Prime Infrastructure delivers a single-pane-of-glass management model for wired and wireless networks with increased troubleshooting capabilities. Cisco Prime Infrastructure provides device configuration, monitoring, tracking, inventory, etc., to manage network devices. In addition, Cisco Prime Assurance utilizes Cisco Network Analysis Module, or NAM, which provides network visibility to quickly identify problems by analyzing network traffic. In short, Cisco Prime Assurance is a troubleshooting and statistics-gathering tool.

One Network

Cisco’s Unified Access strategy is focused upon providing a consistent user experience independent of network access so that users see or experience all the networks they utilize as one. To deliver one network, Cisco is extending certain network services throughout its Catalyst, Nexus, Wireless and remote access products that contribute to a common user experience. For example, Cisco’s SecureX architecture has been built into the Catalyst and Nexus switches as well as wireless and remote access products, providing systemic protections. The ability to support video traffic through the three access methods is achieved via Cisco’s MediaNet, which provides quality of transport, troubleshooting, diagnostic, etc., features to assure excellent video experience based upon the endpoint display.

Cisco is best positioned to deliver this unified access approach, thanks to its depth and expertise in networking and mobility. It enjoys the broadest product portfolio with resiliency and scale for campus, branch and remote networks.

Cisco Unified Access is flexible. Use cases vary from high-security facilities, such as government departments and central bank financial institutions, where networking is locked down, to general-purpose enterprises that provide a combination of wired, wireless and remote access networks. These general-purpose enterprises tend to be focused on a common user experience where there is little compromise on productivity and security. A third use case could be educational or public facilities or retailers that stress an open, user-friendly access environment.

Cisco is in the process of unifying its access networks to address the new ways in which people work and the devices we now use. Cisco Unified Access offers IT business leaders a strategy and plan to not only support B.Y.O.D., but also create a seamless user experience that follows users throughout their productive day. In the process, it increases business agility, enabling a dependable network tuned to service delivery and making the corporation more competitive and responsive. For network operations, the simplification and unification of Cisco’s network management into Cisco Prime should lower operational complexity, and thus cost, while increasing network visibility and control.

One Response to Lippis Report 194: One Network, One Company, Cisco Systems

  1. Rajeev Arora said:

    Refreshing to see this new vision. This is in fact a re-architecting of the network as it has evolved and exists. Only then will a transition to automated networked provisioning, configuration and optimisation promised by the likes of SDN and OpenFlow be possible. There are quite a few mountains to climb before that, as the above re-architecture is non-trivial.