Tuesday 30 May 2023

To the Cloud and Beyond―A Comprehensive Model for Enhanced NetOps and User Experience

Cloud computing has become wildly popular among IT organizations for a number of reasons, including its ability to enhance efficiency, security, agility, and cost-effectiveness. But now cloud features and principles have also become the building blocks of something even bigger and more all-encompassing: a unified IT operating model that spans people, devices, networks, applications, and things across the digital infrastructure.

With end-to-end visibility and centralized, cloud-based management, IT can monitor, manage, and control an organization’s entire networking, cloud, and security infrastructure. A unified cloud operating model makes it easier for organizations to pivot as their needs change. Organizations can quickly deploy innovative applications, respond to disruptions and threats, and scale performance and capacity. The model is an antidote to separate, complex, operational silos on-premises, on the internet, and in the cloud. The overall goal of the model is to dramatically improve the efficiency, reliability, and resiliency of IT operations, as well as the quality of user experience.

The Need for a Comprehensive Operating Model 

Recent research conducted by IDC has found IT staff worldwide engaged in a struggle with highly specialized, complex, and manual management tools and procedures in use across on-premises, internet, cloud, and security silos. Between all of the silos are management and security gaps. Integration is limited. Efficiency and time-to-market suffer.

Meanwhile, IT is being asked to innovate in the use of applications and data intelligence, to create great and secure user experiences, to scale up or down in response to demand, and to do it all efficiently and cost-effectively.

Enter the cloud operating model.

With the cloud operating model, cloud principles like anywhere access, self-service dashboards, policy automation, end-to-end visibility, microservices, continuous integration and continuous delivery (CI/CD), and extensibility can be applied across the entire digital infrastructure from access to internet to cloud (Figure 1). That includes all endpoints and systems whether they are on-premises, in the cloud, in remote offices, or mobile.

Figure 1. The Cloud Operating Model

With consistent policies and governance within and across operational domains, the cloud operating model can improve cross-functional collaboration, eliminating disparate processes and disjointed efforts that hamper better business outcomes.

An Ongoing Journey

Achieving a cloud operating model is a journey for organizations requiring a significant shift in how they approach their IT operations:

  • A shift in thinking from viewing cloud and on-premises environments as separate entities to looking at how the best features of both can converge
  • A cultural shift that embraces breaking down silos, promoting collaboration, and encouraging cross-functional innovation
  • New skills, tools, and processes to manage infrastructure, such as automation, DevOps, and agile methodologies
  • Integration of cloud management platforms with legacy systems, which requires careful assessment and a migration strategy

Achieving a cloud operating model is not a one-time event but rather an ongoing journey of continuous improvement across the entire IT environment. Cloud features and a unified management platform provide the means to monitor, optimize, and innovate to help ensure that organizations are getting the most value from their investments.

Where to Begin?

Start by evaluating which cloud principles exist in which domains. At Cisco, we’re developing a new tool that helps organizations define their various infrastructure principles within the access network, software-defined WAN (SD-WAN), and data center. By overlaying principles on infrastructures, an organization can identify opportunities to integrate silos to help meet business and operational objectives.

Some organizations are starting the journey to the cloud operating model by extending SD-WAN connectivity across multiple clouds for simpler IT management and a better application experience. With a distributed SD-WAN, they can apply policy, visibility, control, and zero trust consistently across all clouds, software-as-a-service (SaaS), and middle-mile providers. Other organizations are planning to use this SD-WAN foundation to transition to a secure access service edge (SASE) architecture to connect network and security domains across branches and remote clients.

With our broad cloud and networking platform portfolio, Cisco provides a comprehensive set of solutions with the visibility, consistent policy governance, and insights-driven automation necessary to support an effective cloud operating model. For example, in campus networking, the Cisco Meraki platform supports many key cloud principles.

The Meraki dashboard provides cloud-based management for connected access points and IoT devices, plus monitoring and management of switches. Through the dashboard, configuration and access policies can be defined and automated throughout the network. The dashboard interface is a visual representation of all connected devices, showing the real-time status of each device. And Meraki has a marketplace of partner applications that leverage APIs to extend these capabilities across the network.

Source: cisco.com

Saturday 27 May 2023

Secure Workload 3.8 delivers more productivity, lower TCO, and faster time to value

If the network is the skeleton, then applications are the lifeblood of today’s business. They connect organizations with their customers, employees, supply chains, partners, and even generate revenue. Safeguarding modern applications running across complex hybrid multicloud environments is paramount for every size and type of business. Cisco Secure Workload 3.8 brings a wealth of new capabilities to help security professionals protect critical application workloads by simplifying complexity and unifying network controls to improve their overall security posture.

Secure Workload protects the applications that power business in an infrastructure, location, and form factor agnostic manner. It does this by employing agent-based and agentless approaches to give customers deep visibility into every workload interaction and uses powerful AI/ML-driven automation to handle tasks that are beyond human scale, delivering accurate and consistent microsegmentation and continuously monitoring compliance across the application landscape.

Secure Workload 3.8 improves productivity and lowers the overall TCO for existing and new customers by delivering a minimum of 50% greater scale on the existing platforms. It also provides consistent agent and agentless microsegmentation for workload deployment across hybrid multicloud, expanding the core microsegmentation use cases. And last but certainly not least, it strengthens the integration with Cisco Secure Firewall and Cisco Identity Services Engine (ISE).

The latest version of Secure Workload continues to focus on enhancing the user experience with more automation, simplifying the onboarding process, and adding new platform APIs. The end-to-end workflow helps customers achieve zero trust faster, improve operator productivity by 50% or more, and significantly reduce the time to value.

In the digital economy, speed and information are the key currencies. The persona-based reporting dashboard introduced in the 3.8 release delivers actionable intelligence on demand, reports the overall security health of applications, illustrates emerging trends based on historical data, and introduces new Forensics alerts based on the MITRE ATT&CK framework.

Figure 1 – Alerts based on MITRE ATT&CK Framework

Secure Workload 3.8 supports greater scale on the existing platform and connectors which helps customers extend their hardware life and lowers the solution’s total cost of ownership. The updated scale numbers are shown below:


And in our continued effort to deliver a true multicloud zero trust solution with agent and agentless flexibility for our customers, the Google Cloud Platform (GCP) connector in the 3.8 release delivers agentless microsegmentation for applications deployed in Google Cloud, adding to our existing support for AWS and Azure cloud.

Since the early days of its inception, Secure Workload has integrated with Identity Services Engine (ISE) to address user/device identity-based segmentation scenarios in the customer environment. In the 3.8 release, Secure Workload integrates with the ISE Passive ID which helps ingest user, group, and other attributes from the customer Active Directory and/or Azure Directory and in turn enables endpoint identity-aware visibility and policy enforcement.

Two years ago, we launched the native integration between Secure Workload and Secure Firewall to provide defense in depth and an agentless approach for on-prem environments to achieve zero trust. With the 3.8 release, we are taking this integration to the next level with topology awareness, giving customers the granular control to discover, enforce, and automate select policies on a specific firewall or set of firewalls through Secure Workload.

Figure 2 – Defense in Depth and Virtual Patching – Secure Workload and Secure Firewall Integration

As you may know, it is not uncommon to have critical vulnerabilities unpatched in an environment despite best-of-breed vulnerability management solutions. While there are many factors, with virtual patching Secure Workload and Secure Firewall seamlessly share threat intelligence and ensure that the right SNORT signature is applied to protect against a known vulnerability present in the customer environment without breaking the application.

Source: cisco.com

Thursday 25 May 2023

Deliver the Experience Your Customers Want with a Data-Informed Hybrid Work Strategy

Introduction: The Evolution of Hybrid Work

While hybrid work is not a new concept, it continues to evolve as we gather more information about employee work preferences and customers’ workplace and real estate goals. At Cisco, we leverage the insights gained from our own hybrid work environments, including our offices and collaboration centers, to shape our approach. In this blog, we will focus on two of our Hybrid Work building pillars—supporting hybrid work and digitizing real estate—and how data plays a vital role in optimizing workspaces. The remaining pillars, corporate sustainability and employee health and wellness, will be covered in our next blog.

The four pillars and corresponding data points for our latest Hybrid work office transformation in Atlanta

Support Hybrid Work: Designing Spaces that Matter

Even as employees return to the office post-pandemic, companies are reconfiguring their real estate portfolios to align with their return-to-work strategies. Cisco has been proactive in reimagining the workplace by investing in collaborative hubs and, in some cases, downsizing office spaces to prioritize other areas.

Toronto & Chicago

Our hybrid work journey began with the design of an innovation center in Toronto, aimed at inspiring innovation and investment in Digital Transformation. This office, although constructed before the pandemic, marks some of our first steps in creating smart and collaborative workspaces. By leveraging a single converged network powered by Power over Ethernet (PoE) technology, we connected people, processes, and data, enhancing productivity and optimizing energy usage. Over time, we made adjustments to the space based on insights gathered, including downsizing the overall floorplate. Today, the Toronto office serves as a studio to educate people on the hybrid work journey.

In Chicago, our office layout was designed to accommodate a pre-pandemic work environment, with employees spending more time in the office. The majority of the layout was dedicated to “me” spaces (70%), such as personal offices and individual workstations, while the remaining portion focused on “we” spaces (30%) to foster collaboration. This office serves as a showcase for Cisco’s technology and collaboration devices, furthering our hybrid work journey.

Penn1 & Atlanta

Throughout each of these projects and our work-from-home experiment during the pandemic, we collected significant data to inform our future space designs. A 2021 Cisco Employee Survey revealed that 81% of our employees preferred to work outside the office for 3 to 5 days per week, with office visits primarily driven by learning and collaboration needs.

Armed with these valuable insights, we incorporated these findings into our subsequent major office transformations, including PENN1 in NYC and our latest office in Atlanta. In these locations, we purposefully designed specific spaces such as hot desks, huddle rooms, and collaboration areas to align with the identified trends and utilization patterns of our offices. Each of these offices was meticulously configured with layouts and technology to enhance productivity and collect valuable data for ongoing support of hybrid work. At both Penn1 and Atlanta, our commitment to hybrid work is evident in the deliberate reduction of space to meet workforce capacity, utilization of collaboration technology, video-enabled environments, prioritization of collaboration spaces over individual workstations, and the elimination of personal offices.

The PENN1 office follows a 30% “me” space to 70% “we” space ratio, which is the opposite of what our pre-pandemic offices were designed for. With the development of our latest office in Atlanta, the ratio of “me” to “we” spaces is now 10% to 90%. This clear shift reflects our data and observations on how people now utilize office space. Hybrid work means going to the office to collaborate with others, rather than focusing on individual tasks. The choices we made in our office designs demonstrate our dedication to creating environments where teams can thrive, engage in meaningful learning, collaborate seamlessly, and drive innovation.

Digitize Cisco Real Estate: Leveraging Data for Smarter Workspaces

Building on the previous section, we now explore how data and analytics have shaped Cisco’s decision-making process in creating workspaces that promote collaboration, learning, and productivity. By harnessing insights from various sources, we have been able to optimize the physical environment to align with employee needs and preferences. Here are a few examples of how data and analytics have guided our hybrid work approach.

Cisco Video End Points

Analyzing data from Cisco Video End Points revealed that the average meeting size consisted of 3.7 in-person participants and 2.5 remote participants. Armed with this information, we intentionally designed small collaboration rooms, quiet spaces, and huddle rooms that cater to smaller groups. This approach fosters frequent and effective collaboration within a more intimate setting.

Cisco Spaces

Cisco Spaces is the core of our Hybrid Work strategy, acting as the foundation that brings everything together. It transforms flat floor plans into dynamic and interactive 3D maps, helping us to better understand and strategize for space utilization. We continuously collect data around the clock from our collaboration devices, networking devices, and third-party devices, enabling us to gain valuable insights in real time. This data empowers us to make informed decisions across the many areas of space design, safety, sustainability, and employee health and wellness. Whether it’s reimagining the layout of a room or helping facilities know what rooms to clean based on occupancy, this data provides us with the insights to drive an impactful and informed hybrid work practice.


Room Design

By utilizing data from Cisco Spaces, we identified a popular room layout at Penn1—a semi-open space with a high-top bar, low-profile seating, and limited power outlets. This configuration unexpectedly became a preferred spot for employees, encouraging focused collaboration and reducing distractions. Analyzing room utilization data through Cisco Spaces allowed us to recognize the demand for such spaces, leading us to implement similar designs in our latest office in Atlanta.

Employee Data

Industry standards revealed that employees typically visit the office to learn, collaborate, and socialize. This knowledge greatly influenced our space design, resulting in dedicated areas at Penn1 and Atlanta that cater to these functions. From large, connected rooms for training and workshops to smaller breakout rooms for collaboration, our spaces are purposefully designed to support these activities based on employee data.

By leveraging the power of data and analytics, Cisco has made informed decisions about space utilization, room design, and meeting configurations. This optimization not only enhances the physical environment but also ensures that our spaces align with the needs and preferences of our employees, facilitating a seamless transition into the hybrid work model.

You Can Be Next: Translating Data into Action

Now that we have discussed how data informs our approach to hybrid work, you may be wondering how to begin implementing your data-driven strategy. At Cisco, we recognize that smart buildings and hybrid work environments require a network of trusted partners to design, build, implement, and iterate — partners just like you. To get started on developing a data-first approach to hybrid work, consider the following options as your next steps:

1. Schedule a tour: Visit our new offices in Atlanta or PENN1 in NYC to witness firsthand the data-driven approach we have adopted and how it can benefit your customers. If you are an existing partner, reach out to your Product Marketing Manager (PMM) today.

2. Virtual tour: If an in-person visit is not possible, take a virtual tour of PENN1 to preview the capabilities of our smart building approach.

Together, let’s leverage data to create actionable insights and shape the future of hybrid work. By creating workspaces that employees want to return to, buildings that provide the necessary data to adapt to changing needs, and environments that foster sustainability and innovation, we can deliver the experience that both customers and employees desire.

Remember, the future of work is hybrid, and data is the key to unlocking its full potential. Together, we can create workspaces that inspire productivity, collaboration, and success. Let’s embrace the power of data and embark on this exciting journey toward a more connected, smart, and flexible work environment.

Source: cisco.com

Tuesday 23 May 2023

Built on Cisco Security Cloud: XDR


As we enter the age of Cisco Security Cloud, we have delivered on the first phase of our vision that aims to provide organizations with a comprehensive, open, and integrated platform for protecting their users, data, infrastructure, and applications whether on-premises, in the cloud, or both.

In the era of hybrid clouds, security platforms must meet organizations where they are to protect their data, networks, and systems from cyberattacks. Hybrid clouds combine on-premises and cloud-based resources, which can create new and complex security challenges. For example, it can be difficult to manage security policies across multiple environments, and it can be difficult to detect and respond to threats that move between on-premises and cloud environments.

During the RSA Conference in 2023, we launched our first product on the Cisco Security Cloud and unveiled Cisco XDR to the world. Cisco XDR is a cloud-based extended detection and response solution for security operations teams that detects, prioritizes, and remediates threats more efficiently to achieve security resilience. Integrating with the broad Cisco security portfolio and many third-party offerings, Cisco XDR is the most comprehensive solution on the market today.

Cisco XDR leverages the Cisco Security Cloud to provide organizations with a comprehensive view of their security posture. XDR collects data from across the security stack, including endpoints, networks, cloud, firewall, and email, and uses machine learning and artificial intelligence to identify and respond to threats in real time.

Overall, Cisco Security Cloud’s capabilities benefit Cisco XDR in several ways. By providing common data, centralized provisioning of physical identity and access management (PIAM) policies, and native cross domain telemetry, Cisco Security Cloud helps to improve the effectiveness of Cisco XDR in detecting, investigating, and responding to threats.

Here are some of Cisco Security Cloud’s capabilities that benefit Cisco XDR:

  • Common Data: This makes it easier for Cisco XDR to correlate data from different sources and to identify threats that might otherwise be missed.
  • Native Cross Domain Telemetry: Cisco Security Cloud can collect and correlate data from across the entire security infrastructure, including on-premises, cloud, and hybrid environments. This gives security teams a more complete view of the security landscape and helps them to identify and respond to threats more quickly.

Additionally, Cisco Security Cloud facilitates the following Cisco XDR capabilities that benefit SOC processes:

  • Threat Detection and Hunting: By leveraging advanced analytics and machine learning algorithms using behavior-based analysis and anomaly detection techniques, Cisco Security Cloud identifies potential security threats leveraged by Cisco XDR for early detection and proper prioritization of unknown/zero-day threats as well as known malware.
  • Incident Investigation and Response: When a security incident occurs, Cisco Security Cloud provides real-time alerts and actionable insights to facilitate rapid investigation under Cisco XDR. It offers crucial information about the incident, including affected assets and related indicators of compromise where recommended remediation steps are displayed by Cisco XDR.

With Cisco Security Cloud, Cisco XDR can detect, investigate, and respond to threats more effectively. As a result, organizations are able to improve their security posture and ensure that their data is protected against cyberattacks.

Saturday 20 May 2023

How Cisco’s SaaS Solutions on AWS Deliver Unbeatable Value to Customers and Partners

The cloud has become a vital tool for businesses of all sizes, providing flexibility, scalability, and cost-effectiveness that are necessary to compete in today’s fast-paced digital landscape. However, as more companies move their applications and data to the cloud, they face new challenges in terms of security, connectivity, observability, and optimization. That’s where Cisco comes in.

As a leading provider of networking, cybersecurity and observability solutions, Cisco has become a trusted partner for businesses looking to navigate their cloud journeys. Cisco offers end-to-end solutions for customers’ cloud journeys, including cloud connectivity, cloud security, cloud observability, cloud optimization, and remote work.

Cisco is making it easier for customers and partners to take advantage of its solutions by offering them on AWS Marketplace. Cisco SaaS solutions on AWS provide greater flexibility for customers and partners, making procurement easier. With the AWS Marketplace channel program, CPPO (Channel Partner Private Offer), partners can sell more Cisco SaaS solutions on AWS to customers. Most of Cisco’s SaaS solutions run on AWS, providing customers with greater flexibility and convenience in terms of procurement, leveraging their EDP commitments, and accessing the robust ecosystem support provided by Cisco and AWS.


Cisco’s SaaS solutions on AWS cover a wide range of areas, including cloud security, connectivity, observability, and hybrid work solutions. Cisco SaaS solutions on AWS are designed to work seamlessly with AWS services, making it easier for customers and partners to integrate them into their existing cloud environments. For cloud security, Cisco offers zero trust, SSE, SASE, infrastructure protection, application security, and XDR solutions, which can help customers secure their cloud environments and protect their data from cyber threats.

In terms of cloud connectivity, Cisco offers SD-WAN and simplified cloud connectivity solutions that help customers connect their on-premises and cloud environments.

Additionally, Cisco’s cloud observability solutions offer full-stack observability that covers infrastructure, internet, applications, business, code-to-cloud, and cloud optimization. This helps customers gain better visibility into their cloud environments and optimize their cloud resources for cost and performance.

Lastly, Cisco’s end-to-end hybrid work solutions help customers support remote work and collaboration. This includes solutions for secure remote access, video conferencing, and team collaboration.

Cisco’s SaaS Key Solutions Use cases


The Cisco and AWS partnership offers numerous benefits for customers and partners who are looking to migrate to the cloud or optimize their existing cloud environments. One of the most significant advantages of this partnership is the ability to access Cisco’s SaaS solutions on the AWS Marketplace.

In conclusion, by offering its solutions on AWS, Cisco is making it easier for businesses to take advantage of the latest technologies and innovations and stay ahead of the curve in their respective industries. The Cisco and AWS partnership is a powerful combination that can help customers and partners optimize their cloud environments and achieve their business objectives. To learn more about the AWS and Cisco partnership, and how you can benefit from Cisco’s SaaS solutions on AWS, visit the AWS and Cisco partnership page, as well as Cisco’s solutions for AWS.

Source: cisco.com

Thursday 18 May 2023

Forrester TEI™ Finds Cisco Vulnerability Management Delivers 125% ROI


Oh, the torture of not having a strong risk-based vulnerability management solution in place.

You know what I’m talking about. Relying on ineffective and unmanageable CVSS, homegrown scoring systems, vendor scoring, or a mixture of those options to help you try to prioritize the mountain of vulnerabilities in your environment. It leads to a lot of headaches and not a lot of progress to show.

Even more, it negatively impacts the working relationship between Security and IT, especially when one team is passing over a laundry list of vulnerabilities to the other with minimal context and understanding of business impact.

But it doesn’t have to be this way. Cisco Vulnerability Management (formerly Kenna.VM) takes a risk-based approach to vulnerability prioritization that is fueled by data science, enabling Security and IT teams to focus their limited resources on real risk and remediate more efficiently.

An April 2023 Total Economic Impact™ study conducted by Forrester Consulting and commissioned by Cisco found that Cisco Vulnerability Management delivered a 125% return on investment (ROI) over three years, and a payback period of just 6 months for that investment.

Customers Interviewed for This Study

Forrester interviewed five Cisco Vulnerability Management customers (Figure 1) and formed a composite organization based on their characteristics to analyze the financial and operational impacts of Cisco Vulnerability Management. The composite organization is a global organization with $10 billion in annual revenue, 100,000 assets covered by Cisco Vulnerability Management, and 10 security analyst FTEs.

Figure 1: Characteristics of Cisco Vulnerability Management Customers Interviewed for the Total Economic Impact of Cisco Vulnerability Management, an April 2023 commissioned study by Forrester Consulting for Cisco

The study uncovered that, after adopting Cisco Vulnerability Management, customers transform their vulnerability management programs by streamlining their security and IT operational efficiency and reducing the likelihood of data breaches.

Let’s dig into the findings.

20% Reduction in Risk of Breach

Breaches. No one likes them, but they exist. Forrester found that Cisco Vulnerability Management reduced the risk of breach by helping the composite organization’s security and IT operation teams prioritize their efforts and focus on the most critical vulnerabilities. In doing so, these teams reduce the time it takes to remediate vulnerabilities and implement automation to proactively address potential security issues. Over three years, the composite organization reduces the risk of breach by 20%, with savings worth $1.5 million.

A senior manager of enterprise vulnerability management in entertainment and media explains, “When you’ve got 100 things to look at and they are all critical, nothing is critical. With [Cisco Vulnerability Management], we are able to say, ‘No, focus on these 10 to 15 things, not 100.’”

12% Increase in Security Analyst Efficiency

With Cisco Vulnerability Management, security analysts focus on the most critical vulnerabilities, optimize how they allocate resources to manage vulnerabilities, and better communicate the importance to their IT teams and leadership. As a result of these benefits, security analysts for the composite organization increase their productivity by 12%, worth about $276,000 over three years.

As stated by the global head of cyber vulnerability management in a financial services organization, “The benefit is not just about reducing [vulnerability] volume, it’s about shifting attention to what really needs to be focused on. The business also understands the criticality and is pushing those remediations. [Cisco Vulnerability Management] helped us improve maturity, reduce risk, and help focus on what’s important.”

Additionally, security teams experience stronger cross-functional communication and collaboration with their IT and leadership teams when using Cisco Vulnerability Management.

“We’ve seen about 14 hours a day of time savings spread out amongst the whole team after you factor in all the back-and-forth explanations through emails, meetings, and leadership briefs,” says senior manager of enterprise vulnerability management, entertainment and media. “Now, we just point people to a dashboard that leverages the vulnerability intelligence from [Cisco Vulnerability Management].”

7,800 Hours Saved Annually by IT Operations

Oftentimes, Security and IT teams are faced with competing priorities. And when not a lot of context is being shared with IT that explains why certain fixes are needed, remediation can slow down.

The Forrester TEI reports that Cisco Vulnerability Management helps the composite organization’s IT teams prioritize the most critical vulnerabilities, saving them time in remediation. Cross-team collaboration between security and IT groups improves, which streamlines operations and empowers IT resources to own more of the vulnerability management process. This saved IT Operations 7,800 hours annually and saved the composite organization $514,000 over three years.

The director of security surveillance and vulnerabilities management told Forrester: “Of the vulnerabilities that are [Cisco Vulnerability Management] related, [our remediation teams] spend at least half the time that they used to spend on vulnerability management. I’d say if they [previously] spent 15 to 20 minutes to understand the vulnerability, open the file, look for the target host, with [Cisco Vulnerability Management], they probably cut that time by half.”

More Benefits Beyond the Numbers

In addition to the quantified findings uncovered, the composite organization saw several unquantified benefits, including improved leadership visibility and communication, as well as improved collaboration between security and IT.

What’s more, Forrester also found that Cisco Vulnerability Management improved the employee experience by helping teams tie their efforts to business impact and reduce manual effort on tedious tasks. “The benefit is not just about reducing [vulnerability] volume, it’s about shifting attention to what really needs to be focused on. The business also understands the criticality and is pushing those remediations,” says a global head of cyber vulnerability management in financial services. “[Cisco Vulnerability Management] helped us improve maturity, reduce risk, and help focus on what’s important.”

Forrester Proves Cisco Vulnerability Management’s Value with 125% ROI Over 3 Years

Forrester’s financial analysis of Cisco Vulnerability Management highlights savings of $2.32 million for the composite organization over a three-year period, and a 125% return on investment (ROI).

Cisco Vulnerability Management uses data science to take a risk-based approach to prioritization, and it’s working. Customers today are no longer guessing where to focus their remediation efforts. They can easily identify the areas of significant risk and take action, leading to quicker time to value.

Source: cisco.com

Tuesday 16 May 2023

IT Leaders Contend with Secure Multicloud Access – The 2023 Global Networking Trends Report

What do you get when a massively distributed workforce tries to securely connect to a massively distributed set of applications? Massive complexity. In light of this, our latest annual Global Networking Trends Report is focused on how IT leaders and networking professionals are dealing with the challenges of connecting their increasingly dispersed workers to their increasingly distributed applications. And coming as a surprise to no one, when 2,500 IT leaders and professionals across 13 countries were surveyed, they verified that these challenges were their number one networking priority for 2023.

In addition to presenting the key trends from the survey results, the report includes six areas of essential guidance—guidance that focuses on one ultimate outcome: how best to provide distributed workforces with consistent, secure, anywhere connectivity to applications in a multicloud environment. We also asked Cisco experts to share their point of view on how organizations should implement this essential guidance. Here are a few points I found particularly interesting.

Use of Multiple Clouds is on the Rise

The report validates that organizations are, indeed, moving more of their apps and workloads to multiple cloud providers. But a bigger revelation was just how many different cloud providers organizations are using: 92% use more than two and an incredible 34% host workloads with more than four cloud providers (Figure 1). At the same time, one in four are using more than 20 SaaS applications. And when asked why, many respondents identified agility as the biggest motivation for moving to multiple cloud services, citing it as more important than either cost or resilience. 

Figure 1. The use of multiple cloud and SaaS providers has become the norm.  Source: 2023 Global Networking Trends Report.

Lack of Operational Consistency is an Obstacle

The report found that two in five respondents cite lack of consistency across networking, security, and cloud domains as a big obstacle to securely connecting users to cloud resources. At the root of this problem is the reality that many IT organizations still have network and security teams that plan and operate independently. This leaves many IT leaders challenged when trying to deliver better and more secure user experiences with their existing technology and divided operational boundaries.

Integrate Networking and Security from Device to Cloud  

Almost half of the respondents identified a fully integrated networking and security architecture in the form of Secure Access Service Edge (SASE) as their primary choice for connecting branches and remote users to multicloud applications within the next two years. They reported widespread plans to integrate cloud-based software-defined WAN (SD-WAN) connectivity and cloud security in order to deliver consistent secure access to both SaaS– and IaaS–based services.  

Simplify Connectivity to Multiple Clouds 

As the number of clouds increases, the ability to provide consistent and efficient connectivity management and security across them is becoming increasingly important. To improve connectivity to cloud-based applications from all locations, 53% of respondents said they are prioritizing SD-WAN integration with cloud services, SaaS, and middle-mile providers (Figure 2). Why? To apply policy consistently, automate connectivity, and better secure the application experience. 

Figure 2. SD-WAN Integrations with IaaS, SaaS, and Middle-mile Providers are Vital for a Better IT and User Experience.  Source: 2023 Global Networking Trends Report.

You Can’t Manage What You Can’t See 

Ultimately responsible for end-user experiences, IT is increasingly challenged to deliver desired levels of service. With the majority of transactions either originating or terminating outside of traditional enterprise boundaries, IT lacks visibility into the full network path. The digital supply chain is increasingly complex, composed of multiple providers and hops that are typically invisible to IT teams. With the Internet increasingly becoming the new core network, it’s no wonder that IT teams need help. In response to this need for greater visibility, 51% of IT professionals reported prioritizing the adoption of end-to-end network telemetry and visibility to achieve proactive detection and remediation of issues.  

Guiding, influencing, or implementing your own organization’s direction for networking is no easy feat. Explore this year’s report to learn more about how your peers are connecting and securing their increasingly distributed personnel to increasingly distributed apps and data.

Source: cisco.com

Saturday 13 May 2023

Future-proof with Cisco Next-Gen Firewalls

We have seen an increase in the efforts to future-proof our technology, infrastructure, and our planet. Future-proof means we introduce or create a product or system that is unlikely to become obsolete or fail in the future.

We’ve seen this in how architects are designing bridges and skyscrapers, our global efforts in planet and ecosystem conservation, and in the technology sphere, especially in the efforts around security solutions. What we build now is what will enable the future generation to be the next leaders, thought leaders, and innovators.

Foundation of Futureproofing

At Cisco our purpose is to power an inclusive future for all. We have the technology, solutions, and motivation to bring communities together and drive change for everyone no matter where they live. For this change to take place, we have to offer customers a strong and secure foundation.

This foundation is centered on providing a network with consistent visibility, policy harmonization, and cloud management. Here at Cisco, we provide this level of security foundation through Cisco Next-Generation Firewalls (NGFW). Cisco is helping customers take control of their security landscape, and they can leverage their current Cisco investments to turn their network infrastructure into additional control points and a direct extension of a complete security architecture.

Cisco’s Future-proof Security Platform

Customers can leverage the power of Cisco to turn their existing infrastructure into an extension of their firewall solution, which leads to a greater evolution of security everywhere they need it. Cisco can turn your customers’ entire network into an extension of the security architecture, letting them experience world-class security controls and have a unified policy with threat visibility. Let’s talk briefly about each of these points.

Security Architecture Extension

Cisco provides trusted network security with the deepest set of integrations between core networking functions and network security. Whether your customers are looking to get more from their existing network with Application-Centric Infrastructure (ACI) or Identity Services Engine (ISE) or extend their protection across the architecture quickly with advanced threat intelligence, there is a solution available that matches their needs.

World-class Security Controls

Security threats are becoming increasingly complex, but Cisco NGFW appliances can be deployed wherever your customers need them, whether on-premises or across multiple clouds. To protect customers from hidden threats, Cisco NGFW leverages dedicated hardware to inspect encrypted traffic while maintaining optimal performance.

Cisco offers many parallel solutions that work with Cisco NGFW. If you would like to learn more about these additional opportunities, please contact your Cisco Distribution, Partner, or Marketing account manager.

Unified Policy and Threat Visibility

When your customers invest in Cisco NGFW or update their existing security portfolio to include this solution, they will not only gain a stronger security posture, but will also be set up with a future-ready management experience that can evolve with their network. This will help your customers deliver scalable controls across many devices quickly, reduce complexity, stay ahead of threats, and accelerate their security operations.

Tackling new opportunities

Whether you are discussing an upgrade with a customer to be more future-proof or showing how Cisco technology can better secure a customer’s IT landscape, there is a solution that can help them identify, overcome, and prevent challenges from impacting their IT goals. The future is now, and we must help customers look ahead with confidence in their security technology.

Source: cisco.com

Thursday 11 May 2023

Spend Less Time Managing the Network, More Time Innovating with the Network

As networks evolve to keep up with the requirements of a distributed hybrid workforce and the need for new B2B and B2C cloud applications, an increasingly complex workload for IT is an inevitable byproduct. Remote workers, collaborative applications, and smart building IoT devices have all added management challenges to the hybrid workplace network. IT teams, already responsible for network device onboarding, availability, and resilience, are taking on AIOps responsibilities for ensuring high application experience. They’re also picking up SecOps oversight for monitoring various endpoints for spoofing threats and malware intrusions. With this growing load of responsibilities, how is IT going to scale and not break?

The answer lies in the past as well as in the future. Twenty years ago, Cisco developed one of the first machine-learning toolsets to analyze vast quantities of telemetry collected from switches, routers, and access points to assist in technical problem resolution. The system, created by the Cisco Advanced Services team, was called Network Profile (NP). Built on top of one of the first network-specific data lakes, NP helped customers understand the current state of their networks and enabled Cisco technicians to quickly troubleshoot network issues.

Since then, Cisco has worked diligently to augment the intelligence inherent in the network. Today, the continuously evolving NP is an integral part of the Cisco CX Cloud and is tightly integrated with Cisco DNA Center. Cisco DNA Center Analytics, like NP and Site Analytics, and automations like the Machine Reasoning Engine, make network pros more effective by offloading repetitive, complex, and time-sensitive tasks that do not directly add new value to the organization.

A key value of applying Machine Learning and Artificial Intelligence engines in conjunction with volumes of operational telemetry is to do simple things simply and well, and thus enable less experienced NetOps technicians to handle a broader range of maintenance tasks.

Automating Compliance Checks

A great example of this intelligent automation lies in the area of compliance. Cisco DNA Center automates configuration checks of settings—such as certificates and SNMP—across hundreds of controllers. What is usually a time-consuming and tedious task is greatly simplified. Guided automations recommend fixes that IT can quickly implement with a single click. And since this scanning is always on, in real-time, technicians don’t need to remember to set aside time every week to run a network compliance scan. That’s simplification!

Simplifying Device Maintenance

Similarly, when managing thousands of networking devices across campuses, branches, and remote offices, what IT doesn’t know about lingering security issues forces technicians to be reactive rather than proactive. It takes time and expertise to keep up with PSIRT vulnerabilities and patches to network software on thousands of access points and switches.

Cisco DNA Center provides preventative measures for device maintenance. By connecting Cisco DNA Center to Cisco CX Cloud, fixes for known PSIRTs and software patches that IT can identify by existing TAC cases are shared automatically through a Cisco DNA Center dashboard with IT teams operating with relevant infrastructures. The granularity of these notifications extends from controller OS images down to specific device configurations, so only features in use are included in notifications. As a result, instead of discovering that an issue causes a network problem with a known resolution, Cisco DNA Center proactively recommends an appropriate resolution even before a problem occurs. And if a configuration is not using any of the affected features, the controllers will bypass installing unnecessary patches. The result is complexity simplified.

Moving From Reactive to Preventative

Predictive analytics with DNA Center’s Trends and Insights dashboard is an AIOps tool for monitoring the network for changes and anomalies that, while not causing an immediate issue, could become a problem in the future. For example, early warning alerts for events like a gradual increase in wireless interference, a sudden increase in the number of devices connected to the same Access Point, or an IoT device that is pulling 20% more power from a switch can help IT take preventative actions before issues impact workforce performance or network availability. By identifying the signs of looming network problems, Cisco DNA Center keeps NetOps teams ahead of issues instead of constantly chasing them—the empowerment of being proactive versus reactive.

Figure 1. Out of complexity, simplicity with Cisco DNA Center AI/ML and Cisco Knowledgebase.

Optimizing the Network Fabric for Application Performance

Reducing complexity with AI/ML processes that assist IT in optimizing the network enables the best application experience for the workforce and customers. Increasingly this is even more critical as applications are literally everywhere, and so are the people who rely on them to keep operations rolling and interact with the business. Gaining visibility into application usage everywhere in the distributed network enables IT to prioritize network resources for business-critical applications and deprioritize irrelevant business applications.

Take, for example, the fast-growing use of collaboration applications incorporating audio and video, screen sharing, recording, and translation. Cisco DNA Center AIOps features enable IT to proactively manage Microsoft Teams and Cisco WebEx performance. The Applications Dashboard in Cisco DNA Center displays the audio, video, and application share quality of experience for individual or team sessions for both platforms, enabling IT to quickly determine if a problem is inside or outside the network. The dashboard also provides remediation suggestions, such as increasing Wi-Fi coverage in specific areas—before operations are affected. Suppose the problem is outside the enterprise network. In that case, IT can activate Cisco ThousandEyes WAN Insights directly from the dashboard to determine the internet bottleneck or provider causing the issue, along with alternate routing suggestions to fix the performance degradation.

Simplify Networks with a Foundation of Automation and Analytics

We are weaving AI and ML capabilities throughout Cisco software, controllers, and network fabrics to simplify the management of complex networks, including innovations like AI Network Analytics, Machine Reasoning Engine Workflows, Networking Chatbots, AI Spoofing Detection, Group-Based Policy Analytics, and Trust Analytics. These solutions assist IT in directing talent to more innovative projects that add value to the organization, such as securing the remote workforce, managing multi-cloud applications, and implementing a Secure Access Service Edge (SASE) for holistic security across the enterprise.

Cisco DNA Center enables IT to hide complexity and operate massive networks at scale, securely, and with agility. The value of AI/ML in Cisco DNA Center is in the ability of the network to enable an excellent experience for IT personas, which in turn provides an optimal experience for the workforce, along with trust in knowing the network is always watching and self-adjusting.

Source: cisco.com

Wednesday 10 May 2023

How to Pass Cisco 300-420 ENSLD Exam Using Various Study Materials?

Getting certified by Cisco is the recommended path to establishing a career in Cisco products. Countless companies, regardless of their size, rely on Cisco’s network software and equipment. It’s evident that Cisco’s products surpass those of their competitors because they continuously enhance and add new features to their technologies. If your career goal is to work in enterprise design, passing the Cisco 300-420 ENSLD exam will significantly benefit you and give you a significant advantage when job hunting.

Cisco 300-420 ENSLD Exam Overview

To obtain the new CCNP certification, you must pass two tests, one of which is the Cisco 300-420 ENSLD. This exam is a concentration test chosen from a pool of six others. It is mandatory to take the 300-420 exam and the core Cisco 350-401 test to be eligible for the certification. The 300-420 exam encompasses diverse topics that students must be familiar with before attempting. These objectives include:

  • Advanced Addressing and Routing Solutions (25%)
  • Advanced Enterprise Campus Networks (25%)
  • WAN for Enterprise Networks (20%)
  • Network Services (20%)
  • Automation (10%)

These topics are intended to aid in your preparation for the exam, which consists of 55-65 questions and lasts 90 minutes. Once you grasp these topics well, you will be well-prepared to take the Cisco 300-420 exam and pass it successfully.

    Best Study Resources for CCNP Enterprise 300-420 ENSLD Exam

    You must have the right study resources to prepare for the CCNP Enterprise 300-420 ENSLD exam. Here are some of the best resources that you can use:

    1. Official Cisco Learning Resources

    The official Cisco Learning Resources is a great place to start your preparation for the CCNP Enterprise 300-420 ENSLD exam. Cisco offers a range of training courses, study materials, and practice tests that can help you learn the exam topics and get hands-on experience with Cisco technologies and solutions. You can find these resources on the Cisco website or through Cisco’s authorized learning partners.

    2. CCNP Enterprise 300-420 ENSLD Study Guide

    The CCNP Enterprise 300-420 ENSLD Study Guide is a comprehensive resource covering all the exam blueprint topics. The guide includes detailed explanations, examples, and practice exercises to help you understand the exam concepts and prepare for the test. You can find the study guide on Amazon or other online bookstores.

    3. Cisco 300-420 ENSLD Practice Tests

    Practice tests are essential to your preparation for the CCNP Enterprise 300-420 ENSLD exam. They help you identify your strengths and weaknesses, get familiar with the exam format and time constraints, and build your confidence for the test. You can find practice tests on the Cisco website, through Cisco’s authorized learning partners, or on online learning platforms such as the nwexam website.

    Tips for Passing CCNP Enterprise 300-420 ENSLD Exam

    Here are some tips that can help you pass the CCNP Enterprise 300-420 ENSLD exam:

    1. Understand the Exam Blueprint

    The CCNP Enterprise 300-420 ENSLD exam blueprint outlines the topics and subtopics the exam covers. Ensure you understand the blueprint and focus your study efforts on the areas you need to improve.

    2. Get Hands-on Experience

    The CCNP Enterprise 300-420 ENSLD exam tests your ability to design enterprise networks using Cisco technologies and solutions. You must have hands-on experience with Cisco devices and software to prepare for the exam. Set up a lab environment or use simulation tools to gain the necessary expertise.

    3. Join Study Groups

    Joining study groups can help you stay motivated and learn from other candidates preparing for the CCNP Enterprise 300-420 ENSLD exam. You can find study groups on social media platforms like LinkedIn, Facebook, or Reddit.

    4. Use Mind Mapping and Note-taking Techniques

    Mind mapping and note-taking techniques can help you organize your thoughts, understand complex topics, and remember important concepts. Use these techniques to create summaries, diagrams, and charts that capture the exam topics and subtopics.

    5. Practice Time Management

    The CCNP Enterprise 300-420 ENSLD exam lasts for 90 minutes, which means you have limited time to answer 60-70 questions. Practice time management techniques, such as skipping difficult questions and returning to them later, to ensure you answer all the questions within the allotted time.


    The CCNP Enterprise 300-420 ENSLD exam is a challenging test requiring extensive knowledge and experience designing enterprise networks using Cisco technologies and solutions. To prepare for the exam, you must have the right study resources, such as official Cisco learning resources, study guides, and practice tests. Additionally, you need to follow some tips, such as understanding the exam blueprint, getting hands-on experience, joining study groups, using mind mapping and note-taking techniques, and practicing time management. With the proper preparation and dedication, you can pass the CCNP Enterprise 300-420 ENSLD exam and advance your career in the networking field.

    Tuesday 9 May 2023

    Disaster Recovery Solutions for the Edge with HyperFlex and Cohesity

    The edge computing architecture comes with a variety of benefits. Placement of compute, storage, and network resources close to the location at which data is being generated typically improves response times and may reduce WAN-based network traffic between an edge site and a central data center. That said, the distributed nature of edge site architectures also introduces several challenges related to data protection and disaster recovery. One requirement is performing local backups with the ability to conduct local recovery operations. Another formidable challenge involves edge site disaster recovery. Planning for the inevitable edge site outage, be it temporary, extended, or permanent, is the problem this blog takes a deeper look into.

    Business continuity planning focuses on items such as Recovery Point Objective (RPO) and Recovery Time Objective (RTO). These measurements are generally expressed in terms of a Service Level Agreement (SLA). Under the covers exists a collection of infrastructure building blocks that make adherence to an SLA possible. In simplistic terms, the building blocks include the ability to perform backups, the ability to create additional copies of backups, a methodology to transport backup copies to remote locations (replication), an intuitive management interface, and a connection to a preconfigured recovery infrastructure.

    From an operational standpoint, an edge site disaster recovery solution includes workflows that make it possible to:

    ◉ Perform workload failover from an edge site to a central site.
    ◉ Protect the failed-over workload at a central site.
    ◉ Reverse replicate protected workloads from a central site back to an edge site at the point where the edge site is ready to receive inbound replication traffic.
    ◉ Failover again such that the edge site once again hosts production workloads.
    ◉ Test these operations without impacting production workloads.

    Should an edge site failure or outage occur, workload failover to a disaster recovery site may become necessary. (Quite obviously, disaster recovery operations should be tested on an ongoing basis rather than just hoping things will work.) At the point where workload failover has been completed successfully, the failed over workload requires data protection. At the point where the edge site has been returned to an operational state, backup copies should be replicated back to the edge site. Alternatively, a new or different edge site may replace the original edge site. At some point, workload transition from the central site back to the edge site will occur.

    HyperFlex with Cohesity DataProtect

    Cohesity provides a number of DataProtect solutions to assist users in meeting data protection and disaster recovery business requirements. The Cohesity DataProtect product is available as a Virtual Edition and can be deployed as a single virtual machine hosted on a HyperFlex Edge cluster. A predefined small or large configuration is available for selection when the product is installed. The Cohesity DataProtect solution is also available in a ROBO Edition, running on a single Cisco UCS server.

    Cohesity DataProtect edge solutions provide local protection of virtual machine workloads and can also replicate local backups to a larger centralized Cohesity cluster deployed on Cisco UCS servers.

    Cohesity protection groups are configured and define the workloads to protect. Protection groups also include a policy that defines the frequency and retention period for local backups. The policy also defines a replication destination, replication frequency, as well as the retention period for replicated backups.

    In summary, Cisco HyperFlex with Cohesity DataProtect has built-in workflows that enable easy workload failover and failover testing. At the point where reverse replication can be initiated, a simple policy modification is all that is required. Cohesity also features Helios, a centralized management facility that enables the entire solution to be managed from a single web-based console.

    Source: cisco.com

    Saturday 6 May 2023

    Securing the #1 threat vector is a key part of an effective XDR strategy

    There are many ways to build out an extended detection and response (XDR) solution; that may be why so many options exist in the marketplace. However, email security is an undeniably critical component in most customer scenarios. Its strengths lie in its ability to enrich incidents, gather actionable telemetry, provide visibility for greater context, and empower quicker response times. This analysis and understanding of data intent — and the subsequent ability to speed remediation — make email security foundational to an effective XDR strategy.

    What should be built into your XDR strategy?

    ◉ Ability to share data rapidly between existing security layers
    ◉ Greater context and enriched threat investigation and response
    ◉ Automated security responses

    What should an XDR solution provide?

    ◉ A visual representation of real threats you are investigating
    ◉ Easy to understand, quick to comprehend results
    ◉ A seamless way to extend your existing security product

    Email administrators use this XDR strategy when investigating threats against end-users in your organization. Using Cisco Secure Email Threat Defense, Cisco bakes this in from the start.

    A single email contains many identifiable data dispositions that your email security platform already uses to analyze and act against – IP addresses, URLs, hostnames, and attachments (SHA-256 hash). This data is a gold mine of information used in your XDR platform.
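The four observable types named above (IP addresses, URLs, hostnames, and attachment SHA-256 hashes) can be pulled from a raw message with the Python standard library. This is an added example, not code from the original article or from any Cisco product; the sample message, the function names, and the choice to skip RFC 1918 relay hops are assumptions made for illustration.

```python
import hashlib
import ipaddress
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from urllib.parse import urlsplit

# RFC 1918 and loopback ranges: relay hops inside these are not useful observables.
# (ipaddress.is_private is not used because it also flags the documentation
# ranges that the constructed sample below relies on.)
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
RECEIVED_IPV4 = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")  # IPv4 literals only
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)
SAMPLE_ATTACHMENT = b"constructed attachment bytes"


def build_sample() -> bytes:
    """Constructed message; every host and address is a reserved example value."""
    msg = EmailMessage()
    msg["Received"] = ("from mail.sender.example (mail.sender.example [203.0.113.45]) "
                       "by mx.corp.example with ESMTP; Sat, 6 May 2023 09:12:01 +0000")
    msg["Received"] = ("from laptop (unknown [10.1.2.3]) "
                       "by mail.sender.example with ESMTPSA; Sat, 6 May 2023 09:11:58 +0000")
    msg["From"] = "Billing <billing@sender.example>"
    msg["To"] = "user@corp.example"
    msg["Subject"] = "Invoice overdue"
    msg.set_content("Pay here: http://pay.sender.example/invoice?id=42.\n")
    msg.add_alternative('<a href="https://login.portal.example/reset">View invoice</a>',
                        subtype="html")
    msg.add_attachment(SAMPLE_ATTACHMENT, maintype="application",
                       subtype="octet-stream", filename="invoice.pdf")
    return msg.as_bytes()


def extract_observables(raw: bytes) -> dict:
    """Return sorted, de-duplicated IPs, URLs, hostnames and attachment hashes."""
    msg = message_from_bytes(raw, policy=policy.default)
    ips, urls, hashes = set(), set(), set()

    # Relay IPs appear as bracketed literals in the Received trace headers.
    for hop in msg.get_all("Received", []):
        for candidate in RECEIVED_IPV4.findall(str(hop)):
            try:
                addr = ipaddress.ip_address(candidate)
            except ValueError:
                continue  # matched the pattern but is not a valid address
            if not any(addr in net for net in INTERNAL_NETS):
                ips.add(str(addr))

    # Walk every leaf MIME part: hash attachments, scan text bodies for URLs.
    for part in msg.walk():
        if part.is_multipart():
            continue
        if part.is_attachment():
            payload = part.get_payload(decode=True) or b""
            hashes.add(hashlib.sha256(payload).hexdigest())
        elif part.get_content_maintype() == "text":
            for url in URL_RE.findall(part.get_content()):
                urls.add(url.rstrip(".,;:)!?"))  # drop sentence punctuation

    hostnames = {urlsplit(u).hostname for u in urls} - {None}
    return {"ips": sorted(ips), "urls": sorted(urls),
            "hostnames": sorted(hostnames), "sha256": sorted(hashes)}


def defang(value: str) -> str:
    """Make an observable non-clickable before pasting it into tickets or chat."""
    return value.replace("http", "hxxp", 1).replace(".", "[.]")


if __name__ == "__main__":
    for kind, values in extract_observables(build_sample()).items():
        for v in values:
            print(f"{kind:10} {defang(v) if kind != 'sha256' else v}")
```
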

    Figure 1: Snapshot of threat techniques in a phishing email

    Message tracking shows the verdict of the message and the techniques used to categorize and score the email as a threat. In addition, you’ll see pertinent information such as Sender, Recipient, Attachments, and URLs – the expected data points. Email Threat Defense provides these powerful search capabilities to give you quick access to these message details that empower more informed responses. Remediating threats directly in Cisco XDR and Threat Response streamlines processes and saves valuable time.

    Share data between existing security layers

    Your XDR strategy needs to deliver this data between security layers. Cisco XDR builds a data correlation map of a message and all related dispositions. Direct results allow further queries and information gathering by giving you a visual, interactive investigation representation.

    Figure 2: Example of an XDR investigation starting with a threat message.

    IP addresses seen can be added to an inbound policy outside the email platform. Interact with the URL and see judgments, or perhaps sandbox and re-evaluate it in real time. Add the SHA-256 to your Secure Endpoint blocklist. These are all now key functionalities of XDR that empower you and your team to make faster, data-driven decisions.

    Aid and enrich threat investigation and response

    Your XDR extensibility should continue with more than just Cisco security products. You can use your existing third-party products for additional intelligence and include extensions to help build your response action.

    Figure 3: Extensible options to quarantine and isolate observables

    Cisco and Cisco Talos Intelligence Group provide excellent detection and response, rule sets, and a vast intelligence library. In addition, we work closely with partners and additional third-party providers that help to defend against known and emerging threats, new vulnerability discovery, and threat interdiction. Utilizing an external threat feed provider or incorporating your direct private intelligence are vital drivers to XDR collaboration techniques.

    Automate security responses

    Cisco XDR rounds out the strategy with orchestration, allowing you to automate responses with various solutions, specifically providing additional detections and actions.

    Figure 4: Pre-built orchestrations in XDR, this example blocks user access.

    Orchestration provides prebuilt workflows that combine the telemetry, the security need, and the subsequent actions, ready to execute. This automation alleviates the need for redundant or recurring motions that take up your team’s valuable resources and allows them to focus on more strategic initiatives.

    Source: cisco.com