Posts

Cisco Zero Trust Architecture

As a follow-up to the previous post on Zero Trust Architecture: Cisco has been delivering zero trust architectures for customers for many years. With the platform approach provided by Cisco Zero Trust, organizations gain better visibility across users, devices, containers, networks, and applications, verifying their security state with every access request. Adopting this model balances security and usability. Security teams can make it harder for attackers to collect what they need (user credentials, network access, and the ability to move laterally), and users get a consistent, more productive security experience regardless of where they are located, which endpoints they use, or whether their applications are on-premises or in the cloud. Cisco Zero Trust provides a comprehensive approach to securing all access across applications and environments, from any user, device and location. It protects the workforce, workloads and workplac...
Recent posts

Zero Trust Architecture Overview

It's 2020 and there is still so much buzz around Zero Trust in the industry. This is in part because organizations still fight every day to prevent incidents, minimize risk and accelerate their time to detect and respond. As hard as organizations fight, the bad guys find new and innovative ways to overcome existing controls. At the same time, organizations are rapidly digitizing everything they can. Whether it is working from home due to the pandemic, adding smart IoT sensors to improve manufacturing, or moving applications to the public cloud, security teams struggle with an ever-expanding attack surface while trying to operationalize security in a way that is agile enough to keep up. As defined by NIST in Special Publication 800-207, Zero Trust Architecture: Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources. A zero trust architecture (ZTA) uses zero tr...

Meet the Authors Video - CCIE Security and Practical Applications in Today’s Network: Zero Trust

This event took place on Thursday, October 29th, 2020 at 10:00 PDT. In this session, Cisco Press authors and security experts talk about the relevance of CCIE Security in today's evolving networks, focusing on the importance of Zero Trust. They discuss how the CCIE Security Guide and exam prepare candidates and security experts to implement and talk about Zero Trust. In addition, the session provides the opportunity to interact with the authors and ask them questions in a live Q&A session. Join the world-class experts, who combined have over 70 years of security experience, and learn more about Zero Trust and its importance to becoming a security pro and succeeding on the CCIE Security exam. In addition, they present key content featured in the book Integrated Security Technologies and Solutions - Volume I. This event provides an opportunity to interact with the authors in real time and learn more about them, their story, the story behind their publications,...

Why are Virtual Private Networks and Software Defined Perimeters mutually exclusive?

Increased remote work, a steady stream of new vulnerabilities and the #killthevpn movement have the cyber security industry laser focused on the transition from VPN to SDP. Let's start with an acceptable definition of SDP from Wikipedia: "The Software-defined perimeter (SDP) framework was developed by the Cloud Security Alliance (CSA) to control access to resources based on identity. Connectivity in a Software Defined Perimeter is based on a need-to-know model, in which device posture and identity are verified before access to application infrastructure is granted." I hope we can all agree that the "ground truth" of SDP is valid and that any organization will benefit from adopting SDP architecture and principles (including Zero Trust). How is a Remote Access VPN any different from the "client-to-gateway" deployment model defined for SDP? "In the client-to-gateway implementation, one or more servers are protected behind an Accepting SDP Host such that the Accepting SDP Host acts as a gateway between ...

Cisco Releases Identity Services Engine (AKA ISE)

Introduction After years of innovation around Network Access Control, Cisco has released its next-generation NAC solution: Identity Services Engine. ISE combines functions that previously ran on loosely coupled devices (AAA, profiling, posture and guest management) in a single, scalable appliance. As part of the Cisco TrustSec solution and Cisco's SecureX architecture for Borderless Networks, the Cisco Identity Services Engine provides a centralized policy engine for defining and enforcing business-relevant policy. This policy workhorse enables centralized, coordinated policy creation and consistent policy enforcement across the entire corporate infrastructure, from head office to branch office. ISE Features & Benefits Visibility: Single Platform & Pane of Glass - Lets IT see who and what is on the network for advanced discovery and troubleshooting. Dynamically collects and consolidates endpoint information to make adaptive policy decisions based on 'context'. Integrates functions previously d...

Intrusion Prevention Best Practice - IPS Placement

Background In today's organizations, attacks come from everywhere. As cliché as it sounds, networks are borderless, and because of this organizations face more sophisticated threats. As networks evolve, many organizations struggle to have intrusion prevention and the rest of their security architecture evolve at the same pace. Visibility is everything: you must be able to detect and respond to threats before they cause significant damage. The following entry is all about how to gain visibility in the different areas of the network. IPS Overview Wikipedia defines Intrusion Prevention Systems as "network security appliances that monitor network and/or system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about said activity, attempt to block/stop activity, and report activity." By deploying IPS, organizations are able to identify, classify, and stop malicious traffic, including worms, spyware ...

Cisco NAC vs. 802.1X

Background Access Control is on the rise. A recent Gartner survey indicates that 50% of enterprises plan to implement 802.1X in their wired networks by 2011. Gartner believes that momentum will increase strongly, and that actual enterprise adoption will reach 70% by 2011. With that said, we have a lot of organizations evaluating the differences between Cisco NAC and Cisco 802.1X. Before we dive into the details of either solution, I thought it would be appropriate to compare the two. Cisco NAC Overview Cisco NAC Appliance (formerly Cisco Clean Access) was designed to use your organization's existing network infrastructure to enforce security policy compliance on all devices that attempt to gain access. You can use the Cisco NAC Appliance to authenticate, authorize, evaluate, and remediate wired, wireless, and remote users before they can access the network. Features: Recognize users, their devices, and their roles in the network. Evaluate whether machines are compliant with security policie...