When You Buy Cisco ONE…

CISCO ONE SIMPLIFIES ENTERPRISE SECURITY IN THE DIGITAL ERA

What are your top networking challenges today? I guess that most of you will say is the Network Security. Yes, security is becoming more complex today.

Firstly, you can check the following figure “Security Remains the Top Challenge for Most Organizations” from ZK Research 2016 Network Purchase Intention Study

Businesses are aggressively marching down the digital path. Meanwhile, the current state of security is overly complicated, and security methods are too slow to meet today’s needs. It’s time for organizations of all sizes to rethink their security strategy and align it with the requirements of the digital era.

Cisco promoted the Cisco ONE Software to meet organizations’ needs of all sizes in security strategy.

ZK Research says Cisco ONE Advanced Security is the right solution to deal with complexity and fragmentation with enterprise security.

In the following part we will share the “Cisco ONE Simplifies ENTERPRISE SECURITY in the DIGITAL ERA White Paper” Prepared by Zeus Kerravala from ZK Research

When you buy Cisco ONE Software…
  1. It provides a simple and flexible way for customers to buy software for their data centers, wide-area networks (WANs) and access networks. This model decouples the acquisition of the software from that of the underlying hardware platforms.
  2. It simplifies the process of network procurement and management by enabling customers to buy all the feature licenses in one package and then turn on what is required when needed. It offers greater value to customers through reduced complexity, investment protection, access to new capabilities and flexible buying models.
  3. It is organized into three distinct domains: Data Center and Cloud, WAN and Access. Each is available in three different feature sets: Foundation, Advanced Applications, and Advanced Security (Exhibit 3).

Cisco ONE Software Provides Breadth and Depth to Customers

CISCO ONE ADVANCED SECURITY SOFTWARE

Cisco ONE Advanced Security (Exhibit 4) extends the value of Cisco ONE to advanced security. It makes it easier to fortify an organization’s data center, WAN and access with simple, predefned suites of key security products and services in a single offer for each.

Customers that choose to purchase advanced security using Cisco ONE will realize the following benefits:

Cisco ONE Advanced Security Frameworks

CISCO ONE ADVANCED SECURITY FOR DATA CENTER

The data center is the lifeblood of most organizations. It’s the place where all of the critical applications, data and intellectual property reside. So the data center is a main focal point for hackers. It can be a challenge to protect, as attacks can start directly in the data center, or it can be breached through a “back door” if a system that accesses the data center is unprotected. Most organizations focus on protecting the perimeter but often overlook internal data center security. Based on the following data points from the ZK Research 2016 Security Survey, it’s clear that a greater focus on securing the data center is required:

Currently, 90% of security budgets are spent at the perimeter, but only 20% of breaches occur at that point.

The average time to find a breach in the data center is 100 days.

East–west traffic now accounts for 70% of data center traffic and is growing rapidly.

East–west traffic bypasses the security placed in the core of the network. 53% of survey respondents turn security features off at the perimeter in favor of performance, leaving the data center even more exposed

Cisco ONE Advanced Security for Data Center

Cisco ONE Advanced Security for Data Center enables customers to handle security threats against the data center today:

  • It allows segmented policies through a virtualized firewall.
  • It helps with prevention and mitigation of known and unknown threats with next-gen intrusion prevention.
  • It helps with detection and blocking of stealth malware and zero-day attacks with advanced malware protection for the network.
  • It provides reputation- and category-based filtering of more than 280 million websites in at least 80 categories.
  • It equips you to defend your enterprise from both outside and inside, as an increasing number of attacks are originating from inside the organization.

Exhibit5 shows the features included in Cisco ONE Advanced Security for Data Center

CISCO ONE ADVANCED SECURITY FOR THE WAN AND EDGE

For many organizations, the branch is the business.

ZK Research estimates that 84% of employees now reside in a branch office, making it the dominant place where work gets done and where customers are served. The rising number of branch resident employees has had a profound impact on the network due to the exponential growth in the number of devices resulting from the BYOD trend.

The ZK Research 2016 Consumerization Survey found that 82% of organizations now have a formal BYOD plan in place, and branch workers are carrying an average of three devices per person. The use of consumer devices in the workplace has created new security risks and 75% of respondents in the ZK Research 2016 Security Survey cited mobile security as their top security challenge.

The other trend that has raised the security bar in branch offices is the growing use of cloud-based applications. To improve the performance of software as a service (SaaS), businesses are enabling workers to access the cloud directly from the branch instead of having to traverse the WAN first. The combination of consumer devices and cloud applications has increased the number of branch attack entry points by five times during the past year.

Branch security must evolve to keep pace with an increasingly digitized world. Businesses need to ensure branch security includes the following characteristics:

  1. Secure remote access
  2. Unified wired and wireless security
  3. Data protected from tampering, unauthorized access and eavesdropping
  4. Secure direct internet access

Cisco ONE Advanced Security: Threat Defense for WAN and Edge is a solution designed to enable advanced security in branch locations:

  • It offers highly secure remote access and client VPN.
  • It helps with prevention and mitigation of known and unknown threats with next-gen intrusion prevention.
  • It helps with detection and blocking of stealth malware and zero-day attacks with advanced malware protection for the network.

Cisco ONE Advanced Security: Threat Defense for WAN and Edge

  • It provides reputation- and category-based filtering of more than 280 million websites in at least 80 categories.

Exhibit6 shows the structure of Cisco ONE Advanced Security: Threat Defense for WAN and Edge

CISCO ONE ADVANCED SECURITY FOR ACCESS

The access edge of the enterprise network is becoming increasingly complex. The growth of consumer devices and cloud applications has created many blind spots that can lead to network breaches. Also, IoT is rapidly becoming the norm, and a wide range of new devices are being attached to the access edge including video surveillance cameras, LED lighting, HVAC systems and vertically specific equipment. The ZK Research 2016 Network Purchase Intention Study found that 70% of network managers have little to no confidence that they are aware of all the devices attached to the access edge.

Also, cybercriminals have focused their attention on the end user and applications through advanced malware such as advanced phishing campaigns. Once these threats enter the network, they remain hidden for several months while they gather information to eventually exfiltrate valuable data.

Other interesting data points related to the access edge from the ZK Research 2016 Security Survey includes the following:

  • 90% of organizations have been breached—46% in the last year alone.
  • 50% of businesses employ the use of mobile devices that are infected with malware.
  • The average time to find a breach at the access layer is 100 days.
  • 96% of organizations are using applications that were not sanctioned by IT.
  • Workers use an average of four consumer applications as part of their daily job.

Businesses need a simplified approach to securing the access edge to enable workers to utilize the information they need at any time on any device from any location. Additionally, security teams need improved visibility to search for anomalous traffic that may indicate a breach.

Cisco ONE Advanced Security: Policy and Threat Defense for Access is designed to increase security while providing users with correct but simplified access.

It offers the following:

Highly secure access based on identity and device, centralized identity- and context-based access from anywhere

Cisco ONE Advanced Security: Policy and Threat Defense for Access

Visibility, compliance and mobile device management (MDM) support

VPN and highly secure endpoint with Cisco AnyConnect Apex

Exhibit7 shows the structure of Cisco ONE Advanced Security: Policy and Threat Defense for Access

CONCLUSIONS AND RECOMMENDATIONS

The digital business era has arrived, and it has brought with it many new technologies such as IoT, cloud and mobility. These technologies have enabled organizations to be more dynamic and distributed, and they have raised efficiency and productivity to new heights. Companies that can make the rapid transition to becoming digital will be more profitable and gain a competitive advantage; those that can’t will struggle to survive.

However, all of these new technologies come with a price—security has grown increasingly complex. The traditional security methods of focusing solely on the perimeter are no longer sufficient because the bulk of attacks are now bypassing the network edge. Security architectures must change, and an increased focus on the internal network is necessary—particularly the data center, branch and access edge, which are the new focal points for cybercriminals.

Cisco’s threat-centric approach is ideally suited to meet these requirements. It turns the network into both a sensor and an enforcer, because it can quickly discover threats through network anomalies and then quarantine them before they can spread laterally and cause more damage.

In conjunction with the rollout of its advanced architecture, Cisco has simplified the purchase of security features in the data center, branch and access edge with its Cisco ONE Software. Customers that purchase security using Cisco ONE Software will realize the following benefits:

  • Domain-specific simple and comprehensive software suites
  • Flexibility to start at any place
  • Access to the latest threat intelligence and features
  • Investment predictability through subscription offers

Cisco ONE Software helps customers better secure their network by enabling businesses to purchase the right software capabilities to address their needs today, while offering investment protection for the future. Also, this is what differentiates Cisco from many other point product vendors, as

Cisco ONE helps customers cover more places in the network and provide depth in security.

Migration to the Cisco ONE Software model should be the top priority for any company looking to improve its security posture.

ZK Research makes the following recommendations:

Rethink security in the digital era.Traditional security methodologies were developed in an era when IT had tight control over applications, endpoints and where users work. This is no longer the case; the control IT once had is now gone. Businesses need to adopt a threat-centric approach that leverages the network—a company’s most ubiquitous asset—and that sees all traffic and can quickly identify breaches.

Minimize the number of security vendors. The ZK Research 2016 Security Survey found that businesses have an average of 32 security vendors in their environment. Working with this many vendors leads to an unmanageable environment with many blind spots, false positives and inconsistent information. The goal should be to minimize the number of security vendors to improve performance and simplify management. Although multiple vendors will likely be needed, companies should choose a main vendor with a large ecosystem of third parties to ensure seamless interoperability.

Customers should consider Cisco ONE Software for security. As demonstrated throughout this paper, Cisco ONE provides both cost and innovation advantages over traditional purchasing models. ZK Research believes Cisco ONE Software is the right security purchasing model for data center, WAN and access for the digital business era.

The Original Research Report from https://www.cisco.com/c/dam/en/us/products/collateral/software/one-advanced-security/one-advanced-security-zk-white-paper.pdf

More Related…

Cisco ONE Advanced Security, Simplify Your Threat Defense

Cisco DNA is a Game Changer for the Digital Era?

Happy Birthday, Cisco ONE Software!

Cisco ONE for WAN-Benefits

How to Choose a Cisco IOS Software Feature License?

Share This Post

Post Comment