Cisco Enhances Zero Trust Access with Google

Cisco Secure Access provides a broad set of security functions in one unified solution to make both users and the IT team more productive, but no single solution can cover all security requirements. With this perspective Secure Access is actively building a strong technology ecosystem to more efficiently serve the wider needs in the market. This week Cisco announced an additional collaboration with Google to bring browser-based threat and data protection from Chrome Enterprise to web apps secured by Cisco Secure Access. As more work activities happen on web applications, a secure enterprise browser can strengthen and simplify endpoint security as part of a broader zero trust approach.

Combined, Google’s Chrome Enterprise and Cisco’s Security Cloud can help customers protect against, detect, and remediate a broad range of cyber-attacks by combining browser- and cloud-based protection. Organizations can more easily mitigate security risks while increasing user productivity (including employees, partners, and contractors), and reducing administrative tasks.

As a critical component of a comprehensive security strategy, Cisco Secure Access, an AI-first Security Service Edge (SSE) solution built on Cisco Security Cloud, provides a converged set of cloud security services. These include Zero Trust Access for private applications, Secure Web Gateway for the web, Cloud Access Security Broker for Software-as-a-Service (SaaS), Browser Isolation for web-based threats, Digital Experience Monitoring to optimize user productivity, Domain Name System security, and more. Chrome Enterprise offers browser-based threat and data protection, policy and access controls and critical security insights.

The combination of Cisco Secure Access and Chrome Enterprise offers enterprises the benefits of both cloud-based and browser-based security. Users are protected across multiple device types, applications, and networks with end-to-end zero trust access, including device trust, strong authorization, and secure application access for both managed and unmanaged devices. Cisco and Google are collaborating to deliver:

Advanced, granular, zero trust security 

The solution protects users, data, and apps through streamlined zero trust access to enterprise applications from managed and unmanaged devices with granular controls.

In addition, independent user-to-app traffic streams and hidden app locations provide unmatched protection against reconnaissance, active threats, and lateral movement. Lastly, an efficient combination of browser and cloud-based DLP controls secure sensitive data and protect against inappropriate copying, pasting, and printing. This includes blocking content transfers to and from GenAI sites when they violate DLP policies.

Frictionless user experience

A good user experience is critical to preventing user subversion of security controls. This solution significantly simplifies the user experience by removing the need for the manual, multi-step, agent and VPN connection process, significantly simplifying the user experience. It provides a one-step, fast connection to private applications through Chrome Enterprise, making it easier for users to access work resources. Users’ devices go through an automated and seamless trust process instantly at login, which ensures they have a strong security posture.

Simplified management

Simplifying the administrative experience is another focus of this collaboration. It starts with an easier deployment process that is enabled by agentless activation of device trust capabilities. Setting access policies for Chrome through Cisco Secure Access centralizes administrative tasks and allows for more consistent policy enforcement across applications. To improve detection times, we allow for security events from Chrome to be collected, analyzed, and extracted, including password changes, unapproved password reuse, data exfiltration, unsafe site visits, extension events and malware transfer events.

Source: cisco.com

Continue reading

200-901 DEVASC Certification: Unlocking New Opportunities

The 200-901 DEVASC (Developing Applications and Automating Workflows using Cisco Platforms) certification is a highly regarded credential for IT professionals aiming to excel in network automation and application development. This certification demonstrates your proficiency in creating and managing applications on Cisco platforms, positioning you as a valuable asset in the tech industry. In this article, we will delve into ten key career benefits of obtaining the 200-901 DEVASC certification and how it can propel your professional growth to new heights.

What is the 200-901 DEVASC Certification?

The 200-901 DEVASC certification, offered by Cisco, is designed for professionals aiming to gain expertise in software development and network automation. This certification focuses on essential skills such as using Cisco APIs, implementing network programmability, and automating network tasks. It is ideal for those seeking roles in network engineering, software development, and DevOps.

Cisco 200-901 Exam Details:

• Exam Price: USD 300
• Duration: 120 minutes
• Number of Questions: 90-110
• Passing Score: Variable (750-850 / 1000 Approx.)

What Are the Prerequisites for the Cisco 200-901 DEVASC Exam?

There are no formal prerequisites for taking the 200-901 DEVASC exam. However, Cisco recommends having a foundational understanding of programming concepts and networking basics. Experience with Python programming, REST APIs, and an understanding of network fundamentals can be beneficial.

What Topics Are Covered in the 200-901 DEVASC Exam?

The 200-901 DEVASC exam covers a range of topics essential for developing and automating workflows on Cisco platforms. According to the Cisco 200-901 certification exam syllabus, the primary topics include:

• Software Development and Design: Understanding software development processes, data formats, and data encoding.
• Understanding and Using APIs: Knowledge of REST APIs, CRUD operations, and API authentication methods.
• Cisco Platforms and Development: Familiarity with Cisco platforms and their capabilities.
• Application Deployment and Security: Techniques for deploying applications and ensuring their security.
• Infrastructure and Automation: Implementing network automation using tools like Ansible and Puppet.
• Network Fundamentals: Basic networking concepts and IP addressing.

For a detailed breakdown, refer to the Cisco 200-901 certification exam syllabus.

How Difficult is the 200-901 DEVASC Exam?

The difficulty of the 200-901 DEVASC exam depends on your background and preparation. Candidates with a solid understanding of programming, networking basics, and hands-on experience with Cisco platforms typically find the exam manageable. However, it is still a challenging certification that requires thorough preparation and practice.

What Are the Best Study Materials and Resources for Preparing for the 200-901 DEVASC Exam?

To prepare effectively for the 200-901 DEVASC exam, consider using the following study materials and resources:

Official Cisco Study Guides:

• Cisco offers official study guides and e-learning courses tailored to the DEVASC exam. These resources are designed by Cisco experts and provide comprehensive coverage of all exam objectives. The guides include detailed explanations, practical examples, and hands-on labs to reinforce learning.

200-901 Practice Tests and Mock Exams:

• 200-901 Practice tests and mock exams are invaluable for familiarizing yourself with the exam format and identifying areas where you need improvement. They simulate the actual exam environment and help you gauge your readiness.
• Websites like Nwexam.com offer quality practice tests. Additionally, Cisco's practice exams can be a good benchmark.

Try this Practice test: https://quiz.tryinteract.com/#/60debd4fd5240f001761f1c7

Cisco DevNet:

• Utilize resources from the Cisco DevNet community for practical insights and tutorials. Cisco DevNet provides a wealth of learning labs, sandboxes, and documentation to help you gain hands-on experience with Cisco technologies.
• Engage with the DevNet community to ask questions, share knowledge, and learn from others who are also preparing for the exam.

Books:

• Books such as "Developing Applications for Cisco Webex and Webex Devices" are excellent resources for in-depth learning. They provide detailed information and practical examples that are crucial for understanding the topics covered in the exam.
• Other recommended books include "Cisco Certified DevNet Associate DEVASC 200-901 Official Cert Guide" and "Programming and Automating Cisco Networks: A Guide to Network Programmability and Automation in the Data Center, Campus, and WAN."

Supplementary Resources:

• Forums and Study Groups: Join forums and study groups on platforms like Reddit and Cisco Learning Network. Interacting with others preparing for the same exam can provide additional insights and support.
• Webinars and Videos: Many websites, including Cisco's own training portal, offer webinars and video tutorials that can be helpful.

Top 10 Career Benefits of Earning the 200-901 DEVASC Certification

1. Enhanced Technical Skills

The 200-901 DEVASC certification focuses on developing your technical skills in network automation and programming. You'll gain hands-on experience with Cisco APIs, network programmability, and the integration of software and hardware systems. This expertise is highly sought after in the IT industry, where the demand for skilled professionals in automation and application development continues to grow.

2. Competitive Edge in the Job Market

In a competitive job market, having the 200-901 DEVASC certification on your resume sets you apart from other candidates. Employers recognize the value of this certification and often prioritize candidates who possess it. By demonstrating your knowledge and proficiency in network automation, you increase your chances of landing lucrative job offers and promotions.

3. Higher Earning Potential

Certified professionals often command higher salaries compared to their non-certified counterparts. The 200-901 DEVASC certification can significantly boost your earning potential by validating your specialized skills in network automation and application development. Employers are willing to pay a premium for employees who can streamline processes and improve efficiency through automation.

4. Career Advancement Opportunities

The 200-901 DEVASC certification opens doors to various career advancement opportunities. With this credential, you can pursue roles such as Network Automation Engineer, Software Developer, DevOps Engineer, and more. These positions often come with greater responsibilities, higher salaries, and the potential for leadership roles within organizations.

5. Recognition and Credibility

Earning the 200-901 DEVASC certification enhances your professional credibility and recognition in the industry. It demonstrates your commitment to staying updated with the latest technologies and best practices in network automation and application development. This recognition can lead to increased trust and respect from peers, employers, and clients.

6. Skill Validation and Confidence

The certification process involves rigorous training and examinations that validate your skills and knowledge. Successfully earning the 200-901 DEVASC certification boosts your confidence in your abilities to tackle complex network automation tasks and develop robust applications. This confidence translates into better job performance and career satisfaction.

7. Networking Opportunities

Pursuing the 200-901 DEVASC certification provides you with opportunities to network with other professionals in the field. You can connect with peers, mentors, and industry experts through certification courses, study groups, and professional events. These connections can be valuable for career growth, job referrals, and staying informed about industry trends.

8. Access to Exclusive Resources

As a certified professional, you gain access to exclusive resources provided by Cisco. These resources include advanced training materials, webinars, technical support, and community forums. Leveraging these resources can help you stay ahead of the curve, continuously improve your skills, and solve complex problems more efficiently.

9. Contribution to Organizational Success

With the 200-901 DEVASC certification, you can make significant contributions to your organization’s success. Your expertise in network automation and application development can streamline operations, reduce costs, and enhance overall productivity. Organizations value employees who can drive innovation and deliver tangible results.

10. Personal and Professional Growth

The journey to earning the 200-901 DEVASC certification is challenging and rewarding. It requires dedication, continuous learning, and problem-solving skills. This process not only contributes to your professional growth but also fosters personal development. You become more adept at critical thinking, time management, and adapting to new technologies.

Conclusion

Achieving career growth with the 200-901 DEVASC certification is a strategic move for any IT professional. Cisco Certified DevNet Associate certification offers numerous benefits, including enhanced technical skills, increased earning potential, and greater job opportunities. By investing in this credential, you position yourself as a valuable asset to any organization and set the stage for a successful and fulfilling career in network automation and application development.

Continue reading

Cisco API Documentations Is Now Adapted for Gen AI Technologies

Developer experience changes rapidly. Many developers and the Cisco DevNet community utilize Generative AI tools and language models for code generation and troubleshooting.

Better data = better model completion

The main challenge for GenAI users is finding valid data for their prompts or Vector Databases. Developers and engineers need to care about the data they plan to use for LLMs/GenAI interaction.

OpenAPI documentations is now available to download

The OpenAPI documentation is a specification that defines a standard way to describe RESTful APIs, including endpoints, parameters, request/response formats, and authentication methods, promoting interoperability and ease of integration.

We at Cisco DevNet care about developers’ experience and want to make your experience working with Cisco APIs efficient and with minimal development/testing costs.

You can find links to OpenAPI documentation in JSON/YAML format here: Open API Documentation page and Search related product API – Navigate to API Reference -> Overview section in left-side menu

Note: Some API documentation can contain multiple OpenAPI Documents

For which purpose you can use related OpenAPI documentation as a part of prompt/RAG:

• Construct code or script that utilizes related Cisco API
• Find related API operations or ask to fix existing code using the information in the API documentation
• Create integrations with Cisco products through API
• Create and test AI agents
• Utilize related Cisco OpenAPI documentation locally or using approved AI tools in your organization.

Structured vs Unstructured data

I’ve compared two LLM model completions with a prompt that contains two parts. The first part of the prompt was the same and contained the following information:

Based on the following API documentation, please write step-by-step instructions that can help automatically tag roaming computers using Umbrella API.

High-level workflow description:

1. Add API Key
2. Generate OAuth 2.0 access token
3. Create tag
4. Get the list of roaming computers and identify related ‘originId’
5. Add tag to devices.

API documentation:

Second part:

In one case, it contains copy and paste data directly from the doc,

The other one contains LLM-friendly structured data like OpenAPI documents pasted one by one

Part of CDO OpenAPI documentation

Claude 3 Sonnet model completion. Prompt with OpenAPI documents 

Claude 3 Sonnet model completion. Prompt with copy and paste data

Benefits of using LLM-friendly documentation as a part of the prompt

I’ve found that model output was more accurate when we used OpenAPI documents as a part of a prompt. API endpoints provided in each step were more accurate. Recommendations in sections like “Get List of Roaming Computers” contain better and more optimal instructions and API operations.

Source: cisco.com

Continue reading

Security Cloud Control: Pioneering the Future of Security Management

Organizations face a critical challenge today: attackers are exploiting the weakest links in their networks, such as unsecured users, devices, and workloads. This threat landscape is complicated by the shift from traditional data centers to a distributed environment, where protecting dispersed data across multiple touchpoints becomes complex.

To address these threats, many organizations resort to using multiple security tools, leading to siloed teams, tech stacks, and management systems that hinder effective security. This fragmented approach results in unnecessary costs, longer deployment times, inconsistent security, and critical gaps.

Security products that do not integrate or benefit from each other exacerbate these issues. For example, Network Security Admins struggle to navigate disparate teams and tools for effective policy deployment. Additionally, customers often under-utilize security tools, resulting in poor security hygiene and misconfigurations that increase the risk of a breach. Manual monitoring of multiple tools makes it impossible for organizations to proactively predict issues that lead to operational challenges. Consequently, the burden has been pushed onto the customer to understand the gaps and figure out how to best use the tools.

Inconsistent security policies, siloed management, lack of unified visibility, misconfiguration risks, and cybersecurity skills shortage are all significant challenges organizations face. While organizations are facing these challenges, the urgency is underscored by findings from the IBM X-Force Threat Intelligence report. According to the report, the average time from initial access to ransomware deployment has dropped from 1637 hours (about 2 months 1 week) to just 92 hours (less than 4 days) in 2023. This dramatic reduction means organizations now have much less time to respond to threats, making effective and integrated security solutions more critical than ever.

Without a centralized platform, gaining a holistic view of security is challenging. Manual identification of misconfigurations is error-prone and can lead to breaches. There is a lack of skills, time, and resources to fully utilize security features and maximize ROI. Customers must implement best practices, requiring specialized knowledge and time. Resolving access or policy issues is lengthy due to diverse security products. Admins spend excessive time crafting similar policies across different platforms. Operational issues are often addressed reactively, leading to downtime and suboptimal performance. Non-actionable alerts and overwhelming data cause analysis paralysis and hinder decision-making, with a missing sense of urgency. While we will never fully move away from having distributed enforcement points, there is a significant opportunity for the security industry to provide consistent security across these varied touchpoints.

A unified security platform aims to alleviate these issues by providing a comprehensive view of the security landscape, enabling consistent policy enforcement, simplifying troubleshooting, and offering actionable insights with the help of AI. Thus, it reduces the cognitive load and dependency on specialized skills. When considering Unified Security Management (USM), the goal is to have seamless management experience.

To meet the unique needs of various organizations and support diverse network firewall configurations, our strategy focuses on three core objectives: simplifying operations, enhancing security, and improving clarity. We aim to streamline security management processes, strengthen defenses with advanced Zero Trust and vulnerability protection, and offer clear, actionable insights through AI-driven intelligence. These focused efforts are designed to deliver a more intuitive, robust, and user-friendly security solution.

Customer Outcomes with Security Cloud Control

We are excited to launch AIOps, offering a game-changing way to enhance operational efficiency and bolster security. AIOps addresses critical IT challenges such as misconfigurations and traffic spikes, preventing downtime and reinforcing network performance. AIOps provides predictive insights and automation to help administrators improve security and reduce costs. We are introducing key features, such as policy analysis and optimization, best practice recommendations, traffic insights, and capacity forecasting. By incorporating AIOps into our services, we are adopting a more intelligent and proactive methodology to safeguard and optimize the performance and security of your network infrastructure.

Best Practice Recommendations: Nudging admins to get to better security state

Predictive Insights with AIOps

Benefits of AIOps

Our solution is designed to accommodate management of a wide array of form factors of firewalls, ensuring comprehensive security from the ground up to the cloud. It seamlessly integrates with various deployment models, including physical and virtual firewalls (Cisco Secure Firewall Threat Defense), Multicloud Defense, Hypershield, and Adaptive Security Appliances (ASA).

This versatility simplifies the management of your security infrastructure, making it easier to maintain a robust and adaptive defense system across your entire network all from a single place.

Our partnership with Splunk represents a significant leap forward in streamlining security operations. By integrating with Splunk, we enhance the oversight and monitoring capabilities of both cloud-based and on-site firewalls. Utilizing Splunk’s powerful data processing, analytics, and real-time logging strengths, we deliver an enriched, responsive, and comprehensive view of your security posture.

This collaborative effort simplifies the management of security operations, providing Security Operations Center (SOC) teams with a superior, streamlined, and more effective method for protecting their digital landscapes.

We are introducing a unified dashboard that enables our customers to gain a real-time, holistic perspective of their entire network and cloud security ecosystem. Customers can efficiently manage tens of thousands of security devices, coordinating multiple tenants under a centralized global administrator.

Unified Dashboard: A Comprehensive view of firewall and security services

We are further simplifying the operations for our admins with the Firewall AI Assistant. It revolutionizes network security by tackling the complexity of firewall rule management. With many organizations handling over a thousand rules—some outdated or conflicting—firewall maintenance becomes a security risk. Gartner notes that misconfigurations may lead to 99% of firewall breaches through 2023, highlighting the need for this AI-driven simplification. Customers can ask the Assistant to explain the intent of the policies and assist with creating rule.

AI Assistant for Firewall: Rule Analysis

AI Assistant for Firewall: Rule Creation

A key breakthrough in our security strategy is the implementation of seamless object sharing, which plays a pivotal role in maintaining consistent protection across hybrid networks. This feature facilitates the distribution of network objects across both on-premises firewalls and multi-cloud defenses. Its primary objective is safeguarding application and workload data wherever they reside, by enabling our admins to build a consistent policy across different environments. This approach fortifies the security posture of your hybrid environment, and streamlines change management processes, reduce opportunity for errors, thereby, contributing to a more secure, effective, and resilient IT ecosystem.

Consistent Policy Enforcement: Sharing Network Objects across on-prem and Cloud environments

We are committed to continuously enhancing our services and expanding our global footprint to better serve our customers. In conclusion, our vision extends beyond merely supplying tools—we strive to revolutionize the user experience.

Through the fusion of cutting-edge technology and intuitive design, our goal is to foster a supportive environment for administrators, where operations are efficient, and security is strong. We are dedicated to alleviating the customer’s burden by offering a Unified Security Platform that empowers them to achieve the best state of security.

Source: cisco.com

Continue reading

Up your Quality of Life with Secure MSP Hub and Secure MSP Center

All the technology around us is meant to increase our productivity through tools and automation so that our quality of life can be improved. The reality can be very different, especially if you are an MSP.  There are so many factors affecting your quality of life like stress due to client emergencies, tight deadlines, unpredictable working hours or challenges at the end of the month for billing and invoicing with your customers. Above all getting ahead of breaches, staying ahead of hackers can all add to reduced quality of life.

Read More: 200-301: Cisco Certified Network Associate (CCNA)

I know that we cannot take away all the stress inducing factors for our MSPs, though that is our vision, but for now I want to talk about how we are making it easy for our MSPs to do business with MSP center and have an easier time managing their Cisco security products with MSP Hub.

MSP Center is our simplified, usage based post-paid buying model where you as an MSP can sign up once to get access to Security portfolio. There are no long forms to fill in, training requirements to pass through or chat with several sales reps to get access to the products. If your customer needs a security offer, you can provide it from our portfolio in a few minutes.

Once you sign up on, you get access to MSP Hub which as the name suggests is a dashboard for MSPs to manage all Security products, customers, billing and invoicing along with ecosystem integrations in a single pane. Several hundred partners are currently using the hub and are absolutely loving it. One of our partners remarked, “This is exactly the dashboard we want as an MSP, single pane of glass across all Cisco products for MSPs”.

I want to detail a few use cases which can save a lot of time for MSPs.

◉ Customer Management – The customer management feature on MSP Hub streamlines the customer onboarding process for multiple products in a single place. The Bulk Import feature also lets our partners import their end customers easily saving multiple clicks and reducing mundane tasks for MSPs.

◉ Billing and Invoicing – This feature enables easy access to historic billing, ability to change the payment information and a detailed breakdown of usages which in turn helps you as an MSP to reduce the man hours around invoicing the customer and resolving billing and invoicing issues. We also plan to build integrations which can further simplify your life.

◉ Technical Integrations – We are simplifying how our Cisco Security products can easily integrate with ecosystem partners in a simple 3 click process. This will further save our MSPs from tedious and elaborate integrations. We are working with some of your favorite RMM vendors. Reach out to us to know more.

◉ Apart from this, there is a simplified on-demand training portal that your sellers or engineers can use to sell and deploy the products easily.

Source: cisco.com

Continue reading

Campaign Spotlight: Driving Demand with Marketing Velocity Central and User Protection Campaign

Marketing Velocity Central (MVC) is Cisco’s data-driven demand generation platform created by marketers for marketers. Our partners use MVC to learn, build their brand, launch campaigns, track results and become world-class marketers.

For the past decade, MVC has provided our partner marketing professionals with curated campaigns for today’s biggest opportunities. This month’s spotlight campaign is on end user security with Cisco User Protection Suite.

The User Protection Challenge

One of the main challenges facing organizations today is identity-based attacks. Bad actors are using a wide range of techniques, from phishing and social engineering to supply chain attacks, business email compromise, and more. For many of these attacks, it would take a cybersecurity expert to spot the red flags. This has become a major problem for organizations. Talos, Cisco’s Threat Intelligence Group, found that 80% of breaches were caused by targeting users.

User Protection is a hot topic, and one many security buyers have been grappling with. Each time a new threat emerges, a new solution comes to the market to protect against that threat. In fact, large enterprises have, on average, 76 security products. This is leading to product complexity for security and IT teams and organizations are looking to simplify.

This is where Cisco, along with our partners, can provide a holistic approach to protecting users.

Cisco has investigated and researched this problem and when we asked security buyers what their top concern is, they said over and over that product complexity is the root of the challenge. So rather than continue the vendor-by-vendor approach, we asked if these same buyers would consider a suite to save time managing products, to make it easier to deploy products, and save money.

With the Cisco User Protection Suite, we offer a new approach to protecting users and only Cisco has the scale and network to inform our products to better protect our customers. With over 300,000 customers and over 550 billion security events per day, we see a lot. We are using this information to better protect our users so we know which malicious sites we should block, which IP addresses bad actors are using, or what behavioral indicators should trigger certain alerts.

Cisco User Protection Suite

The Cisco User Protection Suite provides a simplified, integrated user experience. User protection provides better efficacy through an integrated roadmap, comprehensive protection, and incorporates AI to transform management and secure outcomes.

More Info: 500-173: Designing the FlexPod Solution (FPDESIGN)

Products work together and provide customers with:

• Better experiences: enables your customers to be productive at their job with secure, seamless access to all resources
• Better economics: Work with one vendor to provide the breadth of solutions to protect your users – that means one contact, one contract, and one renewal.
• Better efficacy: improve your customers’ security posture, lower their risks, and keep their sensitive information safe.

Cisco User Protection Suite provides our partners with:

• Consolidating cybersecurity solutions under one vendor to simplify subscription management for partners
• Expanding the opportunity into an Enterprise Agreement (EA), making it much more difficult for competitive security providers to displace incumbency
• Collaborating with our customers as a trusted advisor and support customers on their user protection journey
• Improving efficiency and saving customers money, while providing a valuable business outcome

Drive demand and pipeline with Marketing Velocity Central

Did you know that partners who use Marketing Velocity Central (MVC) generate 4 times more pipeline than those who do not? As a benefit for being a Cisco registered partner, you can generate more pipeline and bookings by activating the User Protection campaign on Marketing Velocity Central.

MVC accelerates your time to market with ready-to-use content, customizable campaigns including email and social copy, images, logos, and shareable content to drive customer engagement.

To optimize your marketing campaigns, MVC also provides services such as:

• Co-branding: show your credibility by downloading and using your Cisco partnership logo through logo builder
• Customization: set yourself apart by picking a ready-to-go campaign, edit it and choose from the many images in our library
• Account-Based Targeting: upload and manage your list of contacts in one single place while tracking campaign engagement via a lead-scoring method
• Full-Service Activities: hire a third-party marketing agency to help you obtain even better results and use your Cisco marketing funds, or your own funds

Source: cisco.com

Continue reading

Stay Compliant: Cisco Secure Workload Introduces State-of-the-art, Persona-based Reporting

Workload security tools draw the attention of diverse cohorts, united by a mission: fortifying hybrid cloud workloads. In a market filled with disparate tools, Secure Workload offers a tailored reporting solution that revolutionizes how SecOps, Network Administrators, and CxOs interact with their workload security solution.

A New Era of Informed Decision Making

Traditional workload security tools often fail to provide metrics tailored to the distinct needs of SecOps, Network Administrators, or CxOs. These tools fall short due to a lack of development focus on holistic user requirements and an inadequate understanding of the diverse metrics that each of them values.

For example, SecOps teams require detailed insights into Cisco Security Risk scores, workload vulnerabilities, and the effectiveness of security policies. NetOps, on the other hand, requires visibility into agent health and policy compliance, and CxOs need high-level summaries that demonstrate cost savings and ROI. Without these tailored insights, traditional tools fail to offer a comprehensive view of security effectiveness.

The shift towards DevSecOps, AI-driven security, and Cloud Native security has led to cumbersome back-and-forth communication and the need to share information across siloed network, security, and application development functions. In the past couple of years, we have seen a surge in productivity-enhancing feature requests from customers, driven by the challenges of siloed networks and security organizations not sharing information. This lack of integration highlights the critical need for a single pane of glass view that can provide a unified perspective of the organization’s security posture.

By consolidating data from various functions into one comprehensive dashboard, the Reporting Dashboard addresses these challenges facilitating smoother communication, enhanced collaboration, and more effective security management across all teams.

Addresses Challenges Directly

Let’s delve into the specific outcomes that the Reporting Dashboard delivers.

Reporting Dashboard Landing View

Data-driven Insights for CxO and SecOps

The feedback from CxO participants at Secure Workload’s Customer Advisory Board highlights the need for personalized reports that deliver actionable intelligence. The out-of-the-box summary of security, compliance, and evidence-based metrics is invaluable for the CxO. By showcasing the percentage of workloads protected with Secure Workload agent coverage on the license utilization chart and workspace policy coverage, SecOps can demonstrate tangible productivity gains to CxOs. Moreover, by quantifying the time savings in policy maintenance, SecOps, and Network Admins can provide CxOs with actionable analytics that illustrate the efficiency and effectiveness of their microsegmentation strategy.

This data-driven approach empowers CxOs to make informed decisions and strategically channel investments to optimize their company’s security posture.

Empower NetOps

NetOps enjoys enhanced visibility with the Reporting Dashboard, which provides a consolidated view of deployed agents and other assets. This allows NetOps to quickly identify and address agent issues, ensuring seamless operation of critical assets.

Policy Compliance is simplified through a single, unified view that highlights workspaces without enforcement and identifies policy discrepancies, and policy sync issues. This streamlined approach aids NetOps in ensuring policy compliance.

Insights from the Cluster Summary enable NetOps to establish retention policies for regulatory compliance and mitigate the risk of unauthorized access, while the Telemetry Summary provides a comprehensive view of telemetry sources and their health status enabling NetOps to swiftly identify and resolve issues.

The effectiveness of the ‘Telemetry Summary’ was validated when a customer shared their feedback –  “I like this quick viewpoint which should help troubleshoot duplicates.”​

Telemetry Summary section highlighting Inventory issues for NetOps

Elevate SecOps Productivity

◉ Prioritizing CVEs alleviates the challenge of CVE prioritization as shown in the image below.

◉ Providing workload summaries with enforcement status, enabling seamless policy enforcement assessment.

CVE Prioritization

Equipped with predefined rules and MITRE TTPs, CSW agents can detect suspicious application behavior with precision. Reporting Dashboard complements these capabilities by providing users with a brand-new intuitive experience.

Source: cisco.com

Continue reading

Bolster SaaS Security Posture Management with Zero Trust Architecture

According to AppOmni’s 2023 State of SaaS Security report, 79% of organizations reported a SaaS security incident during the preceding 12-month period. As enterprises incrementally store and process more sensitive data in SaaS applications, it is no surprise that the security of these applications has come into greater focus. Security Service Edge (SSE) solutions with Zero Trust Network Access (ZTNA) are a common way to securely connect the hybrid workforce to cloud applications.

Changes in the workplace, employee preferences, external users, and customer services have made remote access to cloud applications outside the corporate network or VPN commonplace. Simultaneously, changes in SaaS usage and data with access by both human and machine identities, new compliance requirements, and cloud-to-cloud connectivity between SaaS applications have created new risks that security teams need to address.

This article describes how Cisco and AppOmni have teamed to extend zero trust principles to secure SaaS applications and data with a closed loop zero trust architecture.

Introducing Zero Trust Posture Management

The myriad SaaS applications used by today’s organizations are procured, configured, and managed by multiple departmental owners or business units with little or no visibility to security teams. Nearly all SaaS breaches involve some violation of implicit trust models — for example, a user in a sales operation role can grant Salesforce access to guest users; a test user is able to create new users and grant them new privileges. These scenarios are all too common with how SaaS applications and users are set up.

Zero-trust architectures are built by granting explicit trust that is continuously assessed based on identity and contextual risks. If such zero-trust principles can be extended to SaaS applications, policies would be designed, maintained, and monitored such that SaaS identities would never be implicitly trusted and always verified regardless of the location of the user. This zero-trust model for SaaS needs to be implemented using the just-in-time context of the application, data access, users, behavior, and events. It should be able to work together with the ZTNA controls to give security teams better mechanisms to prevent, detect, and react to attackers at the application level. These capabilities are collectively called Zero Trust Posture Management (ZTPM) for SaaS applications.

Cisco Secure Access and AppOmni SaaS Security Platform

Cisco Secure Access provides a robust, cloud-delivered SSE solution that is grounded in zero trust and delivers protected access from any user to any application. Cisco Secure Access simplifies IT operations through a single, cloud-managed console, unified client, centralized policy creation, and aggregated reporting. Extensive security capabilities are converged in one solution (ZTNA, secure web gateway, cloud access security broker, firewall as a service, DNS-layer security, remote browser isolation, and more) to mitigate risk by applying zero trust principles and to enforce granular security policies.

As a complement to Cisco’s zero trust access approach, AppOmni has implemented ZTPM principles to fill a critical void in traditional zero trust implementations by securing the application layer regardless of access location with unparalleled visibility into configurations, security postures, SaaS identities (human and machine), and user behaviors within SaaS applications. It ensures that the principles of zero trust are embedded deeply within the applications that manage and process vital business data.

Closed-Loop Zero Trust Implementation with Cisco and AppOmni

How ZTPM Complements ZTNA

While Cisco Secure Access provides seamless and managed access to internal and external applications based on identity and device posture, AppOmni extends this security through the application layer.

Cisco Secure Access delivers:

• Secure access to all applications including those involving non-standard protocols as well as those based on multi-channel and client-to-client architectures
• A single unified management console across all security modules
• Comprehensive ‘best-of-breed’ security capabilities, consistent rulesets, and entails a minimal learning curve
• Resilient cloud-native architecture with extensive end-user count scalability, efficient single-pass processing for faster responses
• Automatic load distribution and rebalancing of traffic fosters better performance

AppOmni ZTPM capabilities include:

• Visibility into data access configuration and least privilege within SaaS applications
• Security coverage for all SaaS identities (human and machine) i.e. external users, anonymous/ guest-users, and third party or cloud-to-cloud applications
• Application and identity-aware threat detection to monitor user behavior of internal and external users
• Continuous security of application posture, configuration drift, and critical application components of SaaS applications
• Identify and mitigate misconfigurations such as side-loaded accounts or misconfigured Single Sign On (SSO) that may allow bypassing of ZTNA controls and protect your users from password attacks and account compromise

Continuous visibility into app configurations and activities enables a critical feedback loop in a zero-trust architecture. This approach uses a user’s permissions, data access entitlements, and behaviors to dynamically adjust security measures or to terminate access based on suspicious activities.

Additionally, AppOmni enhances the integrity of the ZTNA capabilities provided by Cisco Secure Access by identifying potential application misconfigurations that could lead to bypassing ZTNA controls. By implementing zero trust principles across their applications, customers can detect unmanaged accounts, inadequate IP restrictions, and other security vulnerabilities. Such proactive identification helps user and access settings from undermining ZTNA protections, thereby safeguarding users and data against phishing and other attacks.

Source: cisco.com

Continue reading

Cisco Simplifies Cloud Security with AWS Cloud WAN Service Insertion

In conversations with customers about cloud infrastructure, I routinely hear two challenges when it comes to scaling their cloud deployments, these challenges include:

• Achieving secure connectivity across clouds, virtual private clouds (VPCs), regions, and on-premises networks
• Ensuring security is baked into the network architecture from the start.

As customers grow their cloud environment, the increasing number of VPCs and regions leads to a complex mesh of connections to ensure their applications and users can access the applications they need, regardless of on-premises or in the cloud. These interwoven spiderwebs of connections make it difficult for IT teams to properly establish secure connectivity throughout the infrastructure which increases management complexity and hinders scale. Because of the challenges organizations face in multi-VPC and multi-region deployments, customers are increasingly transitioning to cloud wide area networks (WAN) services, driven by the desire to centralize and streamline how they manage their network topology and security.

AWS Cloud WAN simplifies how customers build, manage, and monitor their WANs by automating the connectivity between branch offices, data centers, VPCs through automation and a rich dashboard. Customers can use network policies to automate network management and security tasks from a single place eliminating the need to create the complex mesh of traditional VPC peering. Recently, Amazon Web Services (AWS) enhanced AWS Cloud WAN to simplify inserting security services or VPC into these connections. This feature enables customers to integrate their Cisco security services into their network with AWS Cloud WAN, significantly simplifying how they add security into their network.

With the release of AWS’ service insertion feature as part of Cloud WAN, I am pleased to announce Cisco Secure Firewall Threat Defense Virtual and Cisco Multicloud Defense support for AWS Cloud WAN. With this support, customers can seamlessly integrate Cisco cloud firewalls into their Cloud WAN managed network topology, eliminating the need for complicated routing configurations to ensure the security of their environment. Instead, they can route traffic to their Cisco cloud firewall using the AWS Management Console or API.

Cisco’s cloud firewalls

Cisco provides two best-in-class solutions to help customers secure their cloud environments:

• Cisco Secure Firewall Threat Defense Virtual (formerly FTDv) is the virtualized option of the Secure Firewall Threat Defense solution, enabling you to extend your network security capabilities from on-premises into the cloud, gaining a complete view of your network environment.
• Cisco Multicloud Defense is a cloud-native security-as-a-service offering that automatically scales to secure your cloud applications wherever they’re deployed. Multicloud Defense offers the same infrastructure automation that you expect from a cloud service, making your security as easy to deploy as your application is.

Benefits of Cisco cloud firewalls with Cloud WAN

Utilizing Cisco cloud firewalls in conjunction with AWS Cloud WAN to enhance the protection of global network traffic offers customers significant operational benefits, including:

• Unified Infrastructure for Security and Global Networking: AWS Cloud WAN offers a unified infrastructure designed for extensive AWS deployments worldwide. The integration of Cisco’s cloud firewalls with AWS Cloud WAN equips organizations with superior security measures for protecting traffic within regions, between regions, and from on-premises networks to cloud environments.
• Simplified Multi-Regional Security Deployment: Many enterprises utilizing AWS Cloud WAN establish multi-regional networks to facilitate regional growth or implement disaster recovery strategies. The new service insertion feature streamlines the deployment across multiple regions, enabling straightforward traffic routing for both intra- and inter-regional flows through the security infrastructure, thereby eliminating the complexity associated with intricate multi-regional network arrangements.
• Seamless integration: Customers often need inter-VPC, VPC-to-internet, or on-premises-to-VPC traffic inspected. With Cisco’s cloud firewalls supporting AWS Cloud WAN Services Insertion, customers can easily steer network traffic for inspection without creating and managing complex routing configurations.
• Ease of management: Customers are constantly looking to simplify operational complexities. Cisco’s cloud firewall does all the heavy lifting in deployment and management, allowing customers to focus on their business priorities.

Figure 1: Multicloud defense architecture in Cloud WAN

Cisco Cloud Firewall with AWS Cloud WAN

Because Cloud WAN operates globally, the best practice is to deploy your Cisco cloud firewalls within the same AWS regions as your application. This ensures that there aren’t any single region dependencies, latency, or bandwidth challenges when securing your network connectivity.

Wrap up

We’re excited for customers to take advantage of this new capability from Cisco and AWS, enabling them to simplify how they secure their increasingly complex cloud deployments.

Source: cisco.com

Continue reading

Cisco Secure Connect: The Turn-Key SASE Solution for Managed Service Providers

We understand that Managed Service Providers (MSPs) are always on the lookout for solutions that can streamline their service delivery while ensuring top-notch security for their clients. Cisco Secure Connect stands out as a turnkey Secure Access Service Edge (SASE) offering that simplifies the deployment and management of multi-customer SASE environments. Here’s why MSPs should be paying attention to Cisco Secure Connect and considering it for their managed service offerings.

What is Cisco Secure Connect?

Cisco Secure Connect is a unified SASE solution that enables secure access to applications and resources no matter where they are hosted, from any location and at any time. It is built on the robust Meraki platform, bringing together networking and security services through a single, user-friendly interface, simplifying the management of complex multi-cloud environments.

Why Should MSPs Care?

Secure Connect MSP portal capabilities are inherited from the existing Meraki MSP architecture. For MSPs, operational efficiency and the ability to provide a seamless service experience are critical. Cisco Secure Connect, with its new Meraki GUI, enhances the admin experience by streamlining workflows, allowing for easier deployment, usage, and management through a unified cloud dashboard. This improves agility, speed, and scalability, reducing operational complexities.

Cisco Secure Connect MSP Architecture

The Global Overview Page, replacing the older “MSP portal page” and offering a summary view of all customer environments. This allows MSP admins to manage multiple organizations with a single login, while still maintaining customer privacy as each organization’s licensing, inventory, users, and configurations are treated independently. The global dashboard is customizable to select and display the required columns. Also the view can change based on “Organisations”, “ Networks” or “Network Tags”.

Cisco Secure Connect Global Overview Page

Benefits of Adding Cisco Secure Connect to Your Managed Offering

Easy Operations: Raise support tickets directly from each organization’s page on Secure Connect. The platform provides unified support, making troubleshooting for both network (Meraki) and security (Umbrella) simpler.

Global Overview Page: serves as the command centre. This page has been enhanced with a new “Ticket” column, so MSP admins can view and manage support tickets for each organization with ease.

Dashboard Branding: Cisco Secure Connect allows MSPs to brand their dashboard, providing a personalized experience for clients. If this feature isn’t visible, MSPs can request activation through a support ticket.

Automation: Cisco is introducing an integrated API for Secure Connect, consolidating what used to require separate calls to Meraki and Umbrella APIs. This streamlines automation workflows and maintains a unified platform approach.

Monetization: Cisco Secure Connect is based on the Meraki cloud platform, enabling MSPs to upsell additional services without added management overhead. For instance, MSPs can extend their offerings to include physical security by provisioning Meraki smart cameras, all managed from the same portal.

Final Thoughts

Don’t hesitate to reach out to your existing Meraki SD-WAN customers and discuss layering security for secure internet and cloud access. With Cisco Secure Connect, you can augment your managed SD-WAN offering by adding security features with just a few clicks, providing a comprehensive SASE experience.

MSPs looking to simplify their operations while expanding their service portfolio should consider Cisco Secure Connect as a strategic addition to their managed services. It’s a solution that not only brings efficiency but also opens the door to new revenue opportunities.

Source: cisco.com

Continue reading