IT teams are under big pressure to improve the performance and security of corporate networks. Monitoring for security, compliance, and performance requires getting the right data to the right monitoring tool for analysis. This paper describes the capabilities of a network monitoring switch and how it optimizes the traffic to the monitoring tools, improving overall monitoring tool performance and protecting the IT team’s monitoring tool investment
Cisco is fundamentally changing the way it approaches network by prioritizing R&D to deliver a common user experience independent upon wired, wireless or remote access. In addition, to simplifying network operations and reducing opex, Cisco is unifying its product suites for One Policy, One Management and One Network to address the BYOD megatrend. Its approach is to deliver a unified access or holistic solution to IT business leaders that span both wired, wireless and remote network access with a common security, management and features framework. Cisco calls this new approach Cisco Unified Access. Cisco is also introducing a new converged wired and wireless switch – Catalyst 3850 switch. Jeff Reed; Vice President and General Manager Unified Access Group at Cisco Systems joins me to discuss Cisco’s Unified Access strategy and new Catalyst 3850 switch.
Duration: 15:26 minutes
Lippis Intro/Analysis @ : 00:03 sec
Question 1 @ 2:22: First would you like to add to my intro, that is what is Unified Access and what’s driving it?
Question 2 @ 3:02: What are the basic elements of UA from a product development point of view, that is where is Cisco investing to deliver UA?
Question 3 @ 5:07: Can you expand on the new 3850 product especially around the topic of virtualized WLAN controllers.
Question 4 @ 7:08: How does UA address BYOD, Video and security trends?
Question 5 @ 10:52: How much does IOS 15.0 Infrastructure play a part in UA?
Question 6 @ 12:47: What do you expect the business outcomes to be for those that deploy UA?
Closing @ 14:41: Summary of UA and its impact on business process.
Organizations that want to harness the power of the web must deal with a consequence: becoming vulnerable to web-based threats that can negatively impact data, reputation, and operations. Trends such as social networking and Bring Your Own Device (BYOD) add to the challenge of securing the safety of network traffic and increase the attack footprint. Cisco® ASA Software Release 9.0, integrated with Cisco Cloud Web Security, and powered by Cisco Security Intelligence Operations (SIO), solves the combined problems of performance and breadth of security—without affecting network complexity or business agility. This white paper explains how Cisco uses the advantages of the cloud to protect enterprises from web-based threats and to apply comprehensive policies to web content and web-application visibility within the enterprise.
The contact center landscape is experiencing significant changes, both in the business model itself and its underlying technology. The ability to access telephony and applications over the Internet has increased the flexibility of the contact center workforce, introducing a new trend: the work-at-home agent. Driven by a greater need for both flexibility and cost control, cloud contact center solutions (also known as hosted contact centers) are seeing double-digit growth rates. Cloud contact centers provide a number of business benefits: improved business agility, decreased capital expense, and lower total cost of ownership (TCO). This white paper provides a best practices for exploiting cloud base contact centers securely, with compliance controls and built-in disaster recovery.
Providing a work-your-way solution for diverse users with multiple devices, anytime, anywhere
Today’s CIO must deliver innovative business solutions and give employees more freedom to work the way they want – all while reducing IT complexity. Consumer devices have proven to be a cost effective and attractive way to keep employees engaged and productive, but many organizations struggle with securely introducing these devices into the network. Securing corporate data, applications, and systems is essential to any BYOD strategy, and IT organizations need to ensure a secure experience from both a device and network access perspective. As corporations develop an any-device, anywhere strategy, IT needs to know who is on the network, the location of the person, and the type and status of the device. This white paper provides a strategy for implementing BYOD securely.
Increase security and reduce risk by using existing technology in a non-traditional fashion.
Security is all about risk mitigation. How much risk is an agency willing to accept, and how much are they willing to spend to lower that risk to an acceptable level?
There are multiple ways to lower risk, such as:
• Increasing situational awareness through continuous monitoring of network, data, hardware and personnel resources.
• Tightening security policies for employees and guests moving within buildings.
• Increasing physical security measures when entering the building.
• Isolating physical networks.
• Using stronger authentication mechanisms (multi-factor authentication).
• Implementing an identity management system.
Unfortunately, these solutions all come at a financial cost and, in some cases, can actually prevent employees from doing their job, impacting their productivity. This paper suggests that by using some non-traditional devices in a security arsenal, and by using the network as the platform, an organization can significantly increase its security posture and reduce risk without requiring significant behavioral engineering or infrastructure costs.
The formal exhaustion of public IPv4 addresses by the Internet Assigned Numbers Authority in 2011 occurred at a critical turning point in the history of the Internet—namely, at the moment when the typical Internet host is evolving away from the desktop and to the mobile device. As a result, the entire human population is expected to have online access by 2015. Such scale will only be feasible with the abundance of address resources offered by IPv6. As a result, any organization relying on the IT ecosystem enabled by the Internet Protocol—especially those organizations with public-facing content—is at great risk. In the absence of an IPv6 adoption initiative, an organization’s business continuity, business agility and competitive advantage are all endangered. Find out how to mitigate this scenario by downloading this white paper
In this Lippis Report podcast I talk with Prashant, Sr. Director of Server Access Virtualization Product Marketing at Cisco Systems about the new challenges of managing applications and layer 4-7 services in modern data center environments that consist of multiple hypervisors, a wide variety of workloads types and mobile/dynamic virtual machines.
Modern corporate networks are under increasing pressure to support a wider variety of applications thanks to mobile and cloud computing, desktop virtualization plus video traffic having skyrocketed. Not only are bandwidth rates increasing from 1 to 10 to 40 GbE, but most importantly network services are needed to manage and support a different application portfolio mix and network access methods. Network services such as firewalls, WLANs, network diagnostics and monitoring plus application performance acceleration are needed to deliver a consistently excellent user experience. Cisco recently announced an upgrade to its popular Catalyst 6k with the availability of the Supervisor 2T that included re-vamped high performance service modules to deliver these network services. Goyal, product line manager at Cisco Systems joins me to discuss which network services need to be available in modern networks.
Download “A Comprehensive Testing of Cisco Systems Catalyst 6500 Sup2T” report here.
During the week of October 31, 2011, the Lippis Report tested Cisco System’s new Catalyst 6500 with Supervisor 2T or Sup2T for performance, upgradability, control and scalability at Ixia’s modern iSimCity laboratory in Santa Clara CA. By all counts, Cisco’s upgrade of the Catalyst 6500 via its new Sup2T, is its most ambitious and thoughtful yet for the venerable platform. The Sup2T is a major upgrade to the most widely-deployed switching platform in campus and data center networking. It’s the new Catalyst 6500’s network services that deliver most of the value, which is partially found in the Sup2T’s Policy Feature Card or PFC that increases NetFlow monitoring and a new TCAM design offering improved Access Control (ACL), Quality of Service design options, encryption security and many other features. This Lippis Report test verifies many of Cisco’s performance and upgradability claims. While it’s impossible to test all of the Catalyst 6500’s new 200-plus features with the Sup2T, we rather focus on a select few that will have the widest impact on IT business leaders’ product acquisition decision process.
MACsec encryption has become increasing popular and important to campus network design, but previous switch performance degraded when encrypted traffic was passing through it. Here we show that the catalyst 6500 does not suffer a performance degrade while MACsec traffic is passing through it. We tested the Catalyst 6500 via the cPacket Networks cTap 10G passive probe to verify traffic flows were either MACsec encrypted or unencrypted. We found that there is no material difference in throughput performance, other than 802.1ae encryption key overhead, thanks to 16 additional bytes per packet. The cPacket passive probe also measured line rate throughput performance. This is a great short video that verifies how the old encryption performance penalty is now gone.
Download “A Comprehensive Testing of Cisco Systems Catalyst 6500 Sup2T” report here.
There are three major trends sweeping through the enterprise: the rapid rise of the consumerized endpoint, the onset of virtualization and cloud computing, and the growing use of high-definition video conferencing. Each of these critical technologies is transforming business—and forcing a fundamental shift in how security is developed and deployed. In this white paper, Cisco describes its SecureX architecture and how it has evolved IT security so that IT leaders can enjoy the benefits of these IT trends securely.
This one page at-a-glance brief on Security and Compliance for Virtual Computing provides a snapshot view of Cisco’s new Virtual Security Gateway (VSG) for Cisco Nexus® 1000V Series Switches. VSG delivers security, compliance and trusted access for virtual data center and cloud computing environments.
Download the Virtual Security Gateway (VSG) for Cisco Nexus® 1000V Series Switches here.
-Has read the Cisco Security Information and Event Management and Borderless Networks Enterprise Deployment Guide
-Wants to connect Borderless Networks to a Splunk SIEM solution
-Wants to gain a general understanding of the Splunk SIEM solution
-Has a level of understanding equivalent to a CCNA® certification
-Wants to solve compliance and regulatory reporting problems
-Wants to enhance network security and operations
-Wants to improve IT operational efficiency
-Wants the assurance of a validated solution