Showing posts with label Cisco SD-WAN. Show all posts
Showing posts with label Cisco SD-WAN. Show all posts

Wednesday, 20 November 2024

Identity-centric SASE with Cisco SD-WAN and Microsoft’s Security Service Edge Solution

Identity-centric SASE with Cisco SD-WAN and Microsoft’s Security Service Edge Solution

In today’s rapidly evolving IT landscape, enterprise WAN requirements have evolved with hybrid work becoming the norm. Security for both on-premises and cloud workloads is crucial, especially for secure access to the internet, Microsoft applications, and other critical office applications. Organizations need a flexible solution that protects against advanced threats, optimizes application performance, and simplifies network management.

Cisco Catalyst SD-WAN offers unparalleled choice, meeting customers where they are in their security journey and supporting an open ecosystem. Catalyst SD-WAN allows customers to build secure access service edge (SASE) architectures tailored to their business needs by seamlessly integrating with a broad spectrum of third-party secure service edge (SSE) vendors and, now, Microsoft.These integrations help organizations maximize their investment in cloud security by simplifying the integration process with Catalyst SD-WAN.

Bridging the Gap Between Networking and Security


With Cisco Catalyst SD-WAN and Microsoft, businesses can enjoy a more unified and consistent experience for networking and security, all managed through a single dashboard.

The new integration with Microsoft’s Security Service Edge solution (SSE) bridges the gap between connectivity and protection, ensuring that data transmitted across the network is not only optimized for performance but also safeguarded against threats. Combining Cisco Catalyst SD-WAN with Microsoft’s SSE solution delivers a resilient, high-performance, and scalable WAN alongside a comprehensive suite of cloud-based security services designed to protect data, manage risks, and ensure compliance.

Key Benefits of the Microsoft’s SSE Solution Integration


Cisco Catalyst SD-WAN and Microsoft’s SSE solution integration provides secure access to the internet and SaaS applications with an identity-centric secure web gateway (SWG). This integration enhances the security of branch internet traffic by efficiently redirecting it through Microsoft Entra Internet Access, part of Microsoft’s SSE solution, for secure inspection, helping ensure that traffic from branch edges to the public internet or SaaS applications is thoroughly protected. The result is a secure networking solution that offers peace of mind and operational efficiency for enterprise customers.

  • Enhanced security posture: Branch internet traffic is securely redirected to Microsoft’s Security Service Edge solution for advanced inspection and protection against internet-based threats, helping to ensure secure access to public internet and Microsoft SaaS applications. IT teams gain AI-powered visibility into network traffic and security events, enabling fast detection and response to threats.
  • Improved cloud security: The integration leverages Microsoft’s advanced security capabilities to protect against malicious internet traffic and other cyberthreats with a comprehensive, cloud-delivered network security toolset that includes web content filtering, threat protection, information protection, and identity management.
  • Seamless deployment and configuration: This integration simplifies the deployment and management process by providing an integrated solution for both networking and security. A single solution helps you to reduce operational complexity by eliminating the need for multiple point products, simplifying management, and helping you deliver a unified experience for your users. With a few clicks users can deploy thousands of branches, providing ease of configuration and the added advantage of using a Cisco validated design. Templatized workflows using SIG templates makes setup easy with end-to-end validation and enables organizations to quickly deploy new applications and services.

Identity-centric SASE with Cisco SD-WAN and Microsoft’s Security Service Edge Solution

How Microsoft’s SSE Solution Integration Works


  • Secure tunnels: Secure tunnels are created for advanced inspection, helping ensure that traffic to the internet and Microsoft SaaS applications is securely managed and enhancing bandwidth at the branch. Multiple tunnels with load balancing and ECMP give users the ability to select the nearest PoP/DC, perform an application health check through the tunnels, and steer traffic through the right tunnel.
  • Traffic redirection: Relevant traffic from SD-WAN branch edges is efficiently redirected to Microsoft’s SSE solution. Users are able to select specific users and traffic, such as applications or IP addresses, to be sent to Microsoft via tunnels instead of sent directly to the internet. Enabling traffic redirection gives users granular control over traffic and allows remote workers to connect to the internet securely.
  • Inspection and protection: Microsoft’s SSE solution inspects the traffic to provide robust protection against threats. Microsoft Entra Internet Access enforces unified access controls through a single policy engine and leverages multiple Entra ID integrations, including universal conditional access and continuous access evaluation (CAE), token theft protection, and data exfiltration controls.


Looking Ahead


As enterprise WAN requirements continue to evolve with hybrid work becoming the norm and applications spread across hybrid cloud and SaaS environments, both on-premises and cloud workload security are crucial. Organizations need a solution that protects against advanced threats, optimizes application performance, and simplifies network management. The Cisco Catalyst SD-WAN and Microsoft’s SSE solution integration is a forward-looking response to this need, offering businesses a powerful tool to navigate the complexities of modern networking and security challenges.

Source: cisco.com

Thursday, 25 April 2024

Understanding the Differences between SD-WAN and MPLS

Understanding the Differences between SD-WAN and MPLS

In the realm of networking, SD-WAN and MPLS are two terms that frequently arise, each offering distinct advantages and functionalities. In this comprehensive guide, we delve into the nuances of these technologies, providing clarity on their disparities and assisting you in making informed decisions for your network infrastructure.

What is SD-WAN?


SD-WAN, or Software-Defined Wide Area Network, is a modern approach to networking that utilizes software-defined networking (SDN) concepts to intelligently manage and optimize Wide Area Network (WAN) connections. Unlike traditional WAN setups that rely heavily on hardware, SD-WAN leverages software to dynamically route traffic across the network based on predefined policies and conditions.

Key Features of SD-WAN:


  1. Centralized Management: SD-WAN solutions offer centralized management interfaces that provide administrators with granular control over network configurations and traffic flow.
  2. Dynamic Path Selection: With SD-WAN, traffic is intelligently routed across multiple network paths, including broadband, MPLS, and LTE, based on real-time conditions such as link quality and latency.
  3. Application Awareness: SD-WAN platforms often incorporate deep packet inspection and application recognition capabilities, allowing for the prioritization of critical applications and traffic shaping based on application requirements.
  4. Cost Efficiency: By leveraging lower-cost internet connections alongside more expensive MPLS links, SD-WAN can significantly reduce WAN expenses without compromising performance or reliability.

Understanding MPLS


MPLS, or Multiprotocol Label Switching, is a legacy networking technology commonly used for building private, high-performance WANs. MPLS operates by assigning labels to network packets, enabling routers to make forwarding decisions based on these labels rather than IP addresses.

Key Features of MPLS:


  1. Traffic Engineering: MPLS networks support traffic engineering capabilities, allowing administrators to optimize network paths and allocate bandwidth efficiently.
  2. Quality of Service (QoS): MPLS offers robust QoS mechanisms, ensuring that critical applications receive the necessary bandwidth and latency guarantees to maintain optimal performance.
  3. Security: MPLS inherently provides a higher level of security compared to public internet connections, as traffic remains within the confines of the private MPLS network, reducing exposure to external threats.
  4. Reliability: MPLS networks are known for their reliability and predictability, making them ideal for applications that require consistent performance and uptime.

Contrasting SD-WAN and MPLS


While both SD-WAN and MPLS serve the purpose of connecting geographically dispersed locations within an organization, they differ significantly in terms of architecture, cost, and flexibility.

Architecture:

  • SD-WAN: SD-WAN architectures are decentralized and software-driven, offering flexibility and scalability to adapt to changing network requirements rapidly.
  • MPLS: MPLS networks are centralized and hardware-dependent, typically requiring substantial upfront investments in infrastructure and equipment.

Cost:

  • SD-WAN: SD-WAN solutions often provide cost savings compared to MPLS, particularly for organizations with diverse connectivity requirements or those seeking to augment MPLS with lower-cost internet links.
  • MPLS: MPLS services can be costly, primarily due to the need for dedicated circuits and long-term contracts with service providers.

Flexibility:

  • SD-WAN: SD-WAN architectures offer unparalleled flexibility, allowing organizations to seamlessly integrate various transport technologies and cloud services into their network environments.
  • MPLS: MPLS networks are less flexible, with limited support for cloud connectivity and scalability compared to SD-WAN solutions.

Conclusion

In summary, both SD-WAN and MPLS have their merits and are suited to different network environments and business requirements. SD-WAN excels in providing agility, cost efficiency, and flexibility, making it an attractive option for organizations seeking to modernize their network infrastructure. On the other hand, MPLS offers reliability, security, and quality of service, making it well-suited for mission-critical applications and industries with stringent compliance requirements.

Ultimately, the choice between SD-WAN and MPLS depends on factors such as budget, performance needs, and organizational priorities. By understanding the nuances of each technology, organizations can make informed decisions that align with their strategic objectives and drive business success.

Saturday, 18 November 2023

The Power of LTE 450 for Critical Infrastructure

The Power of LTE 450 for Critical Infrastructure

In case of disasters, a reliable communication network is critical. The emergency centers need to be able to exchange information to coordinate their response in the field. Service providers need to keep their network live. Power utilities need to be able to keep the electric grid up and running.

In Europe, the communication networks used to control components of the power grid and all other critical infrastructure, are required to remain operational for at least 24 hours in the event of a power failure. This is well beyond what most commercial cellular networks can offer.

The solution identified by the energy industry is LTE 450. Public protection and disaster recovery (PPDR) regulations in Germany, Scandinavia, and parts of Africa allow critical industries to reserve the 450 MHz band in their areas to deploy private LTE networks, replacing legacy public safety voice networks with technology capable of data transmission.

This means LTE 450 can offer privileged access to the network, without public mass market services.

A key differentiator of the LTE450 MHz band is its long-range coverage. The high frequencies can deliver higher data rates to any number of smart devices, but they are affected by rapid signal attenuation and require dense base station coverage. On the other hand, the 450 MHz band sits on the other side of the spectrum.

With commercial LTE, a complete countrywide network might require tens of thousands of base stations to achieve full geographical coverage. LTE 450 only takes a few thousand base stations to achieve the same coverage and requires less power at the edge. This results in:

  • A reduced number of base stations need to be kept up and running; it’s easier to manage the network.
  • It’s easier to reach rural areas due to the extended coverage.
  • Backup battery power can be used to continue to connect critical devices in the event of a power failure.

In addition, the reduced attenuation coming from the low frequency signals of LTE 450, allows increased penetration through walls and other solid materials, bringing obvious advantages for devices deployed indoors, underground and in other hard-to-reach locations.

Thus LTE 450 is a resilient cellular communication network tailored to the needs of mission and business critical use cases. Few examples:

  • a private wireless network to connect thousands of SCADA systems used to control and monitor substations and other renewable energy assets;
  • a public network to serve a broad range of power utilities, including water, gas, heat distribution networks and smart power grids.

Cisco solution for critical networks


Cisco has introduced an LTE 450Mhz plug in module for the popular Cisco Catalyst IR1101 Rugged Router. This platform provides the ability to connect to 450Mhz networks and additionally provides a second fallback module for private 4G, 5G or commercial cellular networks.

The Power of LTE 450 for Critical Infrastructure
Figure 1: The Catalyst IR1101 Rugged Router

Critical traffic (such as SCADA or other critical control traffic) can be routed via 450Mhz and non-critical traffic routed via the cellular connections.

The IR1101 rugged router also provides secure encrypted tunnels for critical traffic from the remote site to a secure headend (e.g., Utility control center).

For management of remotely deployed IR1101 routers, the Cisco Catalyst SD-WAN platform supports secure zero touch onboarding, provisioning, and visibility to allow IR1101 routers to be deployed easily in the field.

Source: cisco.com

Thursday, 19 October 2023

Forecasting Capacity in Cisco Catalyst SD-WAN

Organizations are increasingly adopting software-defined wide area networks (SD-WAN) to enhance network performance, reduce costs, and improve overall connectivity.

Using artificial intelligence (AI) and machine learning (ML) for IT operations (AIOps), Cisco SD-WAN enhances and simplifies network management by using predictive analytics based on AI and ML techniques. The result is a proactive tool to address potential network issues before they degrade network and application performance.

Features desired by networks operators for such proactive actions include:


  • Predictive Path Recommendations (PPR), which suggests preferred paths for various application groups at each site within an overlay based on long-term modeling of path quality.
  • Bandwidth forecast for capacity planning, giving operators insights into possible future network usage based on extensive past usage patterns.
  • Anomaly detection for network KPIs (tunnel loss, latency, jitter), application usage patterns with individual sites, and user application usage profile.
  • Application modeling to help network operators better understand the impact of rolling out new applications in the overlay so they can implement the correct policies for best performance and minimal impact.

We discussed PPR and demonstrated how it gives operators the best performance for applications on their fabric. In today’s post we will delve into Bandwidth Forecast. To fully leverage the benefits of SD-WAN, effective capacity planning is crucial to help ensure optimal network performance, less downtime, improved cost control, more seamless operations, and a superior user experience.

The Bandwidth Forecast feature takes a comprehensive approach to provide accurate predictions of circuit usage, providing visibility into which circuits are likely to breach the capacity threshold based on the predicted usage. This helps network operators monitor usage trends on the circuits and provides capacity planning for the overlay.

The forecasting is primarily based on the RX/TX bandwidth information of circuits in the WAN fabric. To ensure insights use underlying long-term trends, the circuit usage data is aggregated as daily data points while tracking daily Min/Max ranges. Aggregated data over extended periods is used to generate a forecast for up to three months in the future.

Various other features within this data set can be further leveraged to enhance forecast accuracy. These include:

  • Type of circuit (e.g., MPLS, private internet, LTE)
  • Type of applications using the circuit (i.e., top 10 applications and their respective volume)
  • Number of users at the site served by the circuit
  • Regional holiday list and bandwidth information features

To achieve the best forecast possible, a combination of common predictors and those based on deep learning techniques are used to generate more reliable and robust forecasts.

Forecasting Capacity in Cisco Catalyst SD-WAN
Pre-processing of interface statistics for training and inference pipeline (Click image to enlarge)

Forecast quality is continuously monitored for accuracy. If any data or model drift or deviation from expected results is observed, retraining of the model is triggered based on updated data sets to improve model accuracy. Furthermore, forecasts are assessed for long-term overestimation or underestimation, ensuring that it faithfully predicts the bandwidth to assist network operators in capacity planning and decision-making process.

The Bandwidth Forecast feature in Cisco SD-WAN Analytics helps give network operators a better understanding of the following:


  • Growth Trends: By analyzing historical data presented side by side with the forecast, organizations can identify patterns and anticipate future bandwidth demands. This empowers them to plan for anticipated growth without disruptions.
  • Seasonality: Long-term visibility into seasonality of usage over the historical period over which the training data set is derived from. The daily, weekly, and monthly seasonality is also factored in while making the forecast and the pattern continues into the forecasted data points.
  • Surge: Although visibility is provided into historical surge usage in the overlay so network operators can correlate it to global events (e.g., Black Friday) or internal events (e.g., company all-hands video stream), the model is effective in minimizing the impact of such data points while making long-term forecasts.
  • Min/Max Band: The daily data points for forecast has three components, Min, Mean, and Max. The forecast is presented with emphasis on the daily mean value while still showing a Min/Max Band so that the network operators can get insights into usage spikes within the day.
  • Model/Forecast Performance: Historical usage data is presented along with the past forecast data points for a quick visual comparison of how the forecast performed against actual recorded values in the past.

User interface


The Bandwidth Forecast feature can be activated for a specific overlay in the Catalyst SD-WAN Analytics Dashboard. This appears under the “Predictive Network” tab. Users can choose the circuits in the overlay for the forecast generation.

A table of circuits with all related metrics such as site or provider info, RX/TX bandwidth, and total usage is displayed, helping users select the circuits for which they want to visualize Bandwidth Forecast details. The minimum data set requirement for forecasts to be generated is 12 weeks of historical daily data points for each circuit.

The workflow is subject to the following:


  • The table shows only circuits configured on physical interfaces and this will exclude any circuits configured on logical interfaces (e.g., sub-interfaces, loopback, dialer-group).
  • Default sorting is based on descending order of RX/TX bandwidth, which helps bubble most heavily used circuits to the top of the table. The chart display is used to show the forecast for the Top Circuit.
  • Users can select any other circuit by clicking on the checkbox.
  • Users can search and sort as they wish to isolate specific circuits of interest.

Forecasting Capacity in Cisco Catalyst SD-WAN
Table of circuits and their metrics [Click image to enlarge]

Forecasting Capacity in Cisco Catalyst SD-WAN
Bandwidth Forecast for selected circuit showing actual and predicted (dotted) values [Click image to enlarge]

Metrics


Accurate bandwidth forecasting is critical in capacity planning. One key metric is the accuracy of the forecasted bandwidth requirements. A successful forecast should closely align with the actual capacity goals for your business. The current solution computes mean absolute percentage error (MAPE) and mean absolute scaled error (MASE) scores in addition to tracking percentiles. Any of these can be used as the optimization target for the predictors used. The choice of target metrics for the predictors can be specified as per the needs for a specific overlay or use case.

By accurately predicting bandwidth requirements, organizations can optimize traffic routing, provision appropriate link capacities, manage QoS effectively, plan for scalability, and ensure adherence to SLAs. This proactive approach enables businesses to leverage the full potential of SD-WAN, delivering enhanced network performance, improved user experiences, and the ability to adapt to changing business needs. As organizations embrace the digital transformation journey, incorporating bandwidth forecast in SD-WAN capacity planning becomes a key strategy for success.

Source: cisco.com

Saturday, 14 October 2023

Securing the Modern Hyper-Distributed Network: Perspectives from the 2023 Gartner Magic Quadrant for SD-WAN

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Learning, Cisco Tutorial and Materials, Cisco Guides

A typical day’s tasks for today’s modern worker are frequently distributed across multiple devices, applications, and locations. They could be working from home, analyzing CRM dashboards, and later, they might be at a coffee shop reviewing slides for an upcoming customer meeting. Perhaps they then head into the office for team meetings, followed by catching up with emails and messages on the commute home.

For a networking and security leader, a typical day looks very different. Those individuals need to ensure that the WAN is delivering a superior app performance connecting users to applications wherever they are. They also need to know if an untrusted device is being used to access confidential CRM dashboards. How is network traffic being secured outside the office? How are apps and services being accessed and secured?

Multiply these security concerns by the number of employees at numerous office locations, and then factor in technology-led business transformation initiatives, and we start to understand the complexity facing IT to secure and connect hyper-distributed users and resources everywhere.

Choose the right security


We hear you loud and clear—security and high performance are top priorities. In the face of constant change and increasing complexity—especially over the WAN—organizations must implement security technologies that converge with their SD-WAN, enforcing them as close as possible to users and workloads. For the most effective implementation, this will require security hosted on-premises and in the cloud that ensures the best possible app performance.

The importance of security with SD-WAN was acknowledge by Gartner in its recently published 2023 Magic Quadrant for SD-WAN report, which provides an annual evaluation of the SD-WAN market for IT leaders. We feel this year’s report includes the most thorough assessment of security capabilities—hosted on-premises and in the cloud—since Gartner Magic Quadrant for SD-WAN began.

In 2023, Cisco was named a Leader for the fourth consecutive year.

At Cisco, we work closely with our customers and partners to better understand their challenges so we can build products and solutions that support their long-term goals. These continued partnerships provide us with the insight to deeply ingrain advanced security technologies into Cisco SD-WAN.

  • The right security: Stateful firewall, intrusion detection systems (IDS), intrusion prevention systems (IPS), advanced malware protection (AMP), URL filtering, HTTPS inspection, data loss prevention (DLP), cloud access security broker (CASB), and more—are all natively informed by the world’s largest commercial threat intelligence team, Talos.
  • Hosted in the right place: On-premises or in the cloud (native or third party) hosting ensures that security policies are enforced closely to workloads and users.
  • SASE your way: WAN appliances provide the building blocks to effortlessly chart your own journey.

Seek real-world validation


With a highly dense market of network security technologies and products to choose from, understanding which solutions will perform best for your environment and be the right long-term strategic fit can be confusing. While there is no substitute for testing solutions in a production environment, independent testing that mirrors real-world conditions can help identify top performers and refine a shortlist.

Miercom, a leading independent product test center, conducted a thorough evaluation of Cisco’s security and SD-WAN technologies delivered through Cisco Catalyst and Meraki WAN appliances. These tests were meticulously designed to match real-world conditions as closely as possible, instead of a theoretical laboratory environment.

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Learning, Cisco Tutorial and Materials, Cisco Guides
Figure 1. According to leading independent product test center Miercom, Cisco’s malware efficacy is 25% better than the industry average. Across 11 malware exploit categories, Cisco averaged 98% malware efficacy.

Maximize your WAN


The WAN is central to an organization’s success. In addition to an uncompromising commitment to security, we continue to push Cisco SD-WAN beyond traditional expectations to help IT leaders maximize the potential of the WAN for their business through:

  • Delivering high performance, irrespective of where users and workloads live, to provide a superior experience wherever users and workloads are.
  • Simplifying cloud migration with integration and streamlined workflows for AWS Cloud WAN and Microsoft Azure Virtual WAN.
  • Enabling secure, long-term remote work strategies with Meraki Z4 and Catalyst CG113 secure teleworker gateways.
  • Providing continuous visibility across all the hyper-distributed internal and external domains with instant activation of Cisco ThousandEyes, which leverages predictive patch recommendations (PPR) to deliver proactive feedback, enhancing the user experience for critical application performance across the SD-WAN fabric.
  • Enabling agile business models using 5G fixed wireless access through indoor and outdoor Meraki MG51 and Catalyst CG522 cellular gateways.

Build a long-term strategy for simplicity


At Cisco, we’re committed to helping organizations simplify IT. Our vision is to create a simpler network management platform experience to help customers easily access and manage Cisco networking products from one place—the Cisco Networking Cloud.

The distribution of users and resources will continue to evolve along with the IT landscape, creating new complexities along the way. Simplifying the IT experience enables IT to better automate, analyze, and diagnose issues—supporting a framework that is well-positioned to evolve alongside the modern hyper-distributed network and helping to secure and connect hyper-distributed users and resources, no matter where they are located.

Source: cisco.com

Thursday, 12 October 2023

End-to-End Visibility and Actionable Insights Underpin Great Connected Experiences

Three networking megatrends have upended how businesses approach networking to support the distributed workforce.

First, cloud has become the new data center, with workloads moving from on-premises to hybrid cloud and multicloud architectures. Secondly, the internet is now the new network, with reliance on business connectivity traversing diverse networking domains. And lastly, with so many remote and hybrid workers, the office is now essentially anywhere.

This evolution has made delivering a high-quality, reliable experience—connecting everyone to everything everywhere—significantly more complex. After the need to provide secure access to applications across multiple clouds, the second biggest challenge cited by 37% of respondents in our 2023 Global Networking Trends Report was gaining end-to-end visibility into network performance and security as more traffic originates or terminates beyond the boundaries of the corporate network.

Which begs the question: How do you identify, diagnose, and remediate problems that occur throughout the digital supply chain—the domains within and outside your infrastructure and all hops between a user’s device and an application or service in the cloud? Read on to find out how.

Tackling assurance complexity across multiple network domains


Great connected experiences are table stakes for businesses today. The digital economy relies on always-on applications and services to support employees and consumers. Failure is not an option.

Prior to the hyperconnectivity of today’s digital economy, business applications and services within corporate domains were well served by network monitoring solutions and processes that were localized and handled specific domains like wireless. But to remediate issues in enterprise WANs, admins had to contact their counterparts within cloud and internet provider organizations to jointly diagnose and remediate service and security problems. Often, this resulted in a lot of finger pointing. Businesses acted reactively instead of proactively. Issues could take a long time to get resolved.

Providing network assurance for a high-quality connected experience today requires end-to-end visibility and insights across diverse clouds, network providers, the internet, devices, and geographies—each with their own operational domains (see Figure 1). Without end-to-end visibility into network performance, application responsiveness, and security, it is extremely challenging for IT teams to deliver consistent digital experiences to end users.

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Preparation, Cisco Guides, Cisco Learning, Cisco Tutorial and Materials
Figure 1. Complex digital supply chain with interdependencies, increased failure surface, and unpredictability (click to enlarge)

A person working from home, for example, might run into a problem with Slack. The wireless network in their home office would be connected to an access network that would be connected to an edge router traversing a cloud network to the Slack application. Domain-specific tools can only see a small segment of this traffic. Admins without end-to-end visibility can’t see the big picture.

End-to-end visibility is foundational for SASE


A majority (51%) of organizations in our 2023 Global Networking Trends Report said that with their adoption of more software-as-a-service (SaaS) and multicloud solutions, they see investment in a solution that provides end-to-end visibility as a top priority. This may be in response to recent research by the Uptime Institute that found third-party operators—including cloud, hosting, colocation, and telecom providers—accounted for 70% of all publicly reported outages.

End-to-end visibility, analytics, and operational workflows allow admins to take decisive action to proactively remediate connectivity issues. In a secure access service edge (SASE) architecture, for example, end-to-end visibility feeds the actionable intelligence used to optimize path selection to provide the best digital experience anywhere at any time. Reliable connectivity is foundational to securely connecting people and things in a SASE architecture. If connectivity is poor, the secure access experience will be degraded.

Even before an SD-WAN or a converged SASE architecture with security service edge (SSE) is rolled out, organizations can use end-to-end visibility to evaluate, compare, and optimize the network experience before and after adoption of these architectures. The performance of individual providers in different locations that each form part of a digital supply chain can be proactively tested and benchmarked, with the results used to make more informed vendor selections to ensure the delivery of always-on digital experiences.

Gaining visibility into every connection


A European airline transitioned its network infrastructure from MPLS to SD-WAN, moving many applications and services to the cloud. The company needed to make sure that services met agreed-upon service level agreements (SLAs). To do so, the IT department deployed end-to-end visibility, specifically to monitor and enhance the digital experiences of customers and employees. With this solution in place, the airline can now measure connection latency and other factors—with a specific focus on connections between its data center and the cloud provider, Amazon Web Services. They can continually monitor and prioritize network experiences by accelerating incident response times, introduce more proactive maintenance, and enjoy greater cost efficiency through streamlined troubleshooting.

RichRelevance, a customer experience personalization provider for 250 global retailers, reduced its outages by 88% and shrunk outage windows from an average of four hours to 30 minutes, all thanks to end-to-end visibility. IT service management software company ServiceNow identified network issues 95% faster for their customers with visibility across all network layers that focused on the application experience.

Enabling quality digital experiences through a networking platform approach


Cisco is pioneering end-to-end network visibility and driving exceptional experiences through operational simplicity. It’s a cornerstone of our Cisco Networking Cloud long-term vision, a unified management experience platform for on-premises and cloud operating models to reduce IT complexity.

End-to-end visibility relies on compute power to capture and analyze billions of daily measurements in the digital supply chains that comprise today’s enterprise networks (see Figure 2). It is a powerful and indispensable feature that helps organizations maintain top-quality digital experiences and move from reactive to preventative and automated operations.

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Preparation, Cisco Guides, Cisco Learning, Cisco Tutorial and Materials
Figure 2. Organizations need to leverage a platform-driven approach that drives end-to-end visibility throughout the digital supply chain (click to enlarge)

Thursday, 24 August 2023

How SD-WAN Solves Multicloud Complexity

Cloud is the undisputed center of gravity when supporting distributed workforces. But managing secure connectivity in a growing multicloud environment continues to be more complex, expensive, and time consuming.

Enter the software-defined WAN (SD-WAN), a powerful, abstracted software layer that serves as a centralized control plane to enable organizations to automate, simplify, and optimize their network transport for any application to any cloud.   

Are you ready to steer traffic on demand, based on centralized policy, network insights, and predictive AI, and further enhanced by end-to-end visibility? Do you want to be more proactive instead of reactive in how you manage this traffic and run your network? If so, read on! 

Abstracting the complexity of multicloud 

Enterprises accelerated their transition to cloud and software-as-a-service (SaaS) during the pandemic to support their distributed workforces at home and on the go. This has seen multicloud environments become the norm. Our 2023 Global Networking Trends Report found that 92% of respondents used more than one public cloud in their infrastructure and 69% used over five SaaS applications.  

Connecting to different providers and network layers in multicloud environments has led to a patchwork of infrastructure and management controllers. This results in more complexity and cost for organizations looking to ensure a secure, consistent user experience.  

Networking complexity, from first to last mile 

Let’s look at these networking layers and why IT simplification is crucial in connecting today’s highly mobile workforce to business-critical applications.  

In the first mile, users access services from offices and campuses near data centers or remotely, from uncontrolled facilities using various devices (Figure 1). Workers connect through Multiprotocol Label Switching (MPLS), broadband, Wi-Fi, and cellular. Remote workers use their internet service provider (ISP) to connect them to concentrators at regional peering points of presence (PoPs).

SD-WAN Solves Multicloud Complexity, Cisco Career, Cisco Skills, Cisco Prep, Cisco Preparation, Cisco Skills
Figure 1. New architecture for the distributed workplace  

The middle mile is the long-haul transport layer that has grown in complexity with the migration to the cloud. It serves as the connective tissue between first and last mile, interconnecting different types of cloud services, cloud applications (e.g., SaaS, IaaS), and data centers. Specialized middle-mile providers like Equinix and Megaport provide cross-connects between business networks, the internet, and cloud providers globally. Adding to the array of choices in the middle mile, public cloud providers like AWS, Google Cloud, and Microsoft Azure offer customers the ability to access their apps with site-to-cloud, site-to-site, region-to-region, cloud-to-cloud, and other connection options with different quality of experience metrics.  

The last mile is the connection between the data center or service provider and the end user’s device and application.    

Managing multicloud complexity with SD-WAN integrations  


Using applications distributed across multiple clouds and SaaS, workers have widely different experiences depending on their location. Adverse and unpredictable amounts of downtime, latency, and speed, for example, can threaten business continuity. So, establishing reliable, consistent, high-quality experiences is very much on the minds of enterprise IT managers today. 

More than half (53%) of respondents to the 2023 Global Networking Trends Report said they are prioritizing integration with cloud providers to improve connectivity to cloud-based apps from distributed locations. Additionally, 49% said they are using SD-WAN integrations across providers and multiple clouds to provide a simpler, consistent, optimized, and secure IT and application experience. 

SD-WAN unifies the entire WAN backbone and brings secure, private, cloud-aware connectivity that is agnostic to all kinds of link types, providers, and geographies (Figure 2).  

SD-WAN Solves Multicloud Complexity, Cisco Career, Cisco Skills, Cisco Prep, Cisco Preparation, Cisco Skills
Figure 2. SD-WAN integrations with IaaS, SaaS, and middle-mile providers are vital for a better IT and user experience 

With SD-WAN providing connectivity between cloud, SaaS, and middle-mile providers, real-time traffic steering based on centralized policy and end-to-end analytics is possible. Network admins can be proactive instead of reactive, changing traffic parameters on demand, according to application, congestion, location, user, device, and other factors. 

SD-WAN multicloud integrations in action 


Tamimi Markets, a major Saudi Arabian supermarket chain, was having trouble providing a consistent experience to users at markets, warehouses, branch offices, and remote locations. Dependent on three ISPs for end-to-end connectivity in a hub-and-spoke architecture, they moved to a cloud architecture to eliminate the need to backhaul network traffic through the headquarters and in the process quadrupled bandwidth speeds. An integrated SD-WAN enables them to steer their traffic over a variety of link options based on network demand, cost, and quality of experience metrics.  

Asian food manufacturer Universal Robina Corporation shifted to a multicloud architecture to support remote workers after the pandemic. It uses SD-WAN to connect users and apps to its multicloud architecture securely, wherever they are located. The multicloud integrations enable secure connectivity from branches to the Microsoft Azure cloud and with Microsoft 365 for a superior application experience with informed network routing (INR) that enables the exchange of telemetry between Cisco and Microsoft while providing full visibility to Universal Robina’s IT team. 

Foundational for a SASE architecture 


Another benefit of SD-WAN is that it is one half of a converged secure access service edge (SASE) architecture. SASE radically simplifies security and networking through unified and centralized management to connect users to applications in complex and highly distributed environments. By combining SD-WAN networking infrastructure and routing traffic through a cloud-centric security service edge (SSE) solution, companies can maintain the same level of security for cloud users as data center users (Figure 3).


SD-WAN Solves Multicloud Complexity, Cisco Career, Cisco Skills, Cisco Prep, Cisco Preparation, Cisco Skills
Figure 3. SD-WAN is foundational to a SASE architecture 

It’s a multicloud world and SD-WAN―with tight integrations to leading cloud, SaaS, and middle-mile providers―is the connective tissue from first mile to last, managing complexity and driving agility throughout sprawling multicloud environments.

What’s more, SD-WAN multicloud integrations bring together each organization’s many different types of transport connections and policies under one management system for secure, consistent service.

The cost savings from automation and the ability to steer traffic on demand with optimized routing are further compelling reasons why SD-WAN continues to grow in popularity. Once established, these features enable IT departments to build an optimized global network in a simplified, fully automated way, within hours. 

Source: cisco.com

Tuesday, 4 July 2023

Make Your WAN Connectivity an Extraordinary Experience

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Tutorial and Materials, Cisco Guides, Cisco WAN
Alan Dapré, author of more than 60 children’s books said, “Why be ordinary when you can be extraordinary?” You may be thinking that “extraordinary” is not a term commonly associated with network connectivity. Shouldn’t it just be like water coming out of the faucet? A utility that is … well … ordinary?

Extraordinary is an enhanced experience. And the Cisco Networking Cloud vision enables you to create an enhanced experience that your users refer to as extraordinary. With our latest SD-WAN product enhancements, we’ve made it easier for you to deliver that exceptional experience to them.

SD-WAN: New name and additional deployment option


At Cisco Live in Las Vegas, we announced the rebranding of the Viptela technology solution from Cisco SD-WAN to Cisco Catalyst SD-WAN. The Catalyst brand has always stood for the industry’s most powerful switching, wireless, and routing platforms. This name change not only provides consistent alignment with the Catalyst brand of our routing hardware, but also with our access, data center, and cloud solutions—and drives brand simplification. Cisco’s SD-WAN portfolio includes both Catalyst SD-WAN and Meraki SD-WAN fabrics to provide the most versatile solutions regardless of your use case.

Deployment options for SD-WAN connectivity


Until now, Cisco has offered two ways for you to consume Cisco Catalyst SD-WAN. First, an on-premises deployment would reside in your own data center or a managed service provider’s data center. The second option was to deploy in a Cisco hosted environment with either an AWS or Microsoft Azure cloud infrastructure.

A third deployment option is now available. Cisco Catalyst SD-WAN can be cloud-delivered to align to your infrastructure strategy. Why cloud-delivered? We recognize that operating models are changing. Organizations demand simplicity, agility, flexibility, and scalability. Cloud-delivered Catalyst SD-WAN provides a cloud-first experience with automated, rapid on-boarding and single sign-on.

Cisco provides zero-touch life cycle deployment and management of the infrastructure via Cisco’s Cloud Operations team. Customers will experience end-to-end service delivery, providing automated provisioning of the SD-WAN fabric. Cisco provides the management, monitoring, upgrades, and backup and restore. We’ve included access to end-to-end actionable insights that measure, predict, understand, and remediate potential issues, so there’s no need to implement it later. You can now consume SD-WAN with a flexible subscription model that scales to your needs and enables more precise OpEx planning and lower TCO.

Elevating the application experience


Nary a business has been unaffected by the need to support hybrid work requirements. The importance of delivering an exceptional experience to your users has risen with this trend, and the accelerated adoption of digital services has transformed enterprise IT. Unless every one of your users work from the office and all applications they access are on premises, you no longer fully control the end-to-end infrastructure, yet you are still accountable for delivering optimal digital experiences. These new capabilities and solutions help you elevate the application experience.

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Tutorial and Materials, Cisco Guides, Cisco WAN
ThousandEyes Service Assurance helps your organization ensure top-notch digital experiences through end-to-end network visibility and proactive insights that empower you to pinpoint, troubleshoot, resolve, and optimize performance across every network domain that matters to them—whether on premises, the internet, or cloud.

Cisco is announcing expanded support with ThousandEyes, providing visibility into public cloud networks, internet routing, and enterprise sites with new vantage points from Meraki MX (and Webex RoomOS) devices. You’ll enhance operations with automated event detection and problem isolation, and unmatched insights of your cloud connectivity.

As organizations adapt to hybrid work, IT is expected to support workers at the branch, campus, and remotely. The Meraki Z4 gateways allow IT teams to securely provide connectivity to remote workers and simultaneously manage SD-branch infrastructure across global locations on a unique cloud platform that consolidates security, SD-WAN, access, and IoT.

Simplifying IT


Technology should never get in the way of conducting business and has two essential requirements: work as expected and be simple to use.

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Tutorial and Materials, Cisco Guides, Cisco WAN
The latest enhancements in SD-WAN management and analytics include new Circuit and SecOps dashboards—along with step-by-step configuration templates to expedite the implementation and management of security policies. They include enhanced visibility into circuits and traffic patterns with a visual interface. An enhanced topology view has been added, and real-time tracking of network and path conditions by application-aware routing provides faster brownout detection.

We are introducing closed-loop automation capabilities to Predictive Path Recommendations (PPR). As an integral component of Cisco predictive networks, PPR delivers a predictive network solution, enabling IT personnel to proactively improve application experience. Leveraging advanced algorithms and predictive models, PPR determines the performance and policy compliance of the paths carrying the site application traffic. When performance is below historical benchmarks or SLA, PPR can make recommendations to the IT personnel and automatically implement corrective actions—before impacting users.

Granular Role-Based Access Control (RBAC) enables service providers to offer a robust co-managed SD-WAN service. Both service providers and their tenants can share or split responsibilities while maintaining accountability via auditing functionality in managing an SD-WAN overlay.

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Tutorial and Materials, Cisco Guides, Cisco WAN
Cisco Catalyst SD-WAN now supports Cisco Umbrella’s multi-org integration, allowing customers to easily manage multiple child organizations or regions from a single Umbrella dashboard. This enables the integration of multiple Umbrella organizations with a single-tenant Cisco Catalyst SD-WAN deployment by configuring the Umbrella API integration for DNS and SIG on a per-device basis. By creating customized security policies tailored to specific needs of different regions or organizational units, customers can simplify the security management process, improve network security, and reduce the risk of security breaches. A centralized view of multiple networks reduces the time and effort to manage multiple networks and improves the user experience.

Cloud and middle-mile connectivity


Cisco SD-WAN Cloud Hub with AWS Cloud WAN provides a dynamic WAN service that allows building of a global network in a simplified and fully automated manner, within minutes. The solution delivers a secure, on-demand, flexible, and highly available middle-mile, leveraging the global AWS backbone, intent-based network management, and advanced security through a central policy framework.

Our multicloud solutions start with our enhanced cloud router—the Catalyst 8000V—a virtual router that is optimized for scale and performance for compute instances across the cloud and backbone providers. You can consume this software from public cloud marketplaces with pay-as-you-go (PAYG) licenses or bring your own license (BYOL), purchased directly from Cisco.

During Cisco Live, we announced a network-as-a-service consumption model for middle-mile services with Megaport. This PAYG model allows customers to be billed by Cisco according to the usage of their Megaport services. We also announced the availability of Megaport Ports on Cisco’s Global Price List (GPL). Customers will be able to purchase ports globally for private connectivity to Megaport Virtual Edge and for provisioning global backbones through Cisco Catalyst SD-WAN. With PAYG and Megaport Ports, you gain private connectivity to virtual edges from your data centers or sites. PAYG is important for customers because you only pay if you use them. There is no upfront commitment and no overage.

Efficiency and cost savings for service providers


Cisco Multitenant Edge for Cisco Catalyst SD-WAN platforms enables providers to securely host multiple tenants on a single physical or virtual SD-WAN platform. It simplifies and accelerates SD-WAN design and deployment, while also providing CapEx and OpEx savings. This also helps you meet your sustainability goals by powering fewer WAN appliances.

Clearly, network connectivity is no longer just an ordinary, basic utility. As we continue to build on our vision for Cisco Networking Cloud, we are enabling elevated experiences that allow you to provide connectivity experiences for your users that are truly extraordinary.

Source: cisco.com

Tuesday, 6 June 2023

Understanding Application Aware Routing (AAR) in Cisco SD-WAN

One of the main features used in Cisco SD-WAN is Application Aware Routing (AAR). It is often advertised as an intelligent mechanism that automatically changes the routing path of applications, thanks to its active monitoring of WAN circuits to detect anomalies and brownout conditions.


Customers and engineers alike love to wield the power to steer the application traffic away from unhealthy circuits and broken paths. However, many may overlook the complex processes that work in the background to provide such a flexible instrument.

In this blog, we will discuss the nuts and bolts that make the promises of AAR a reality and the conditions that must be met for it to work effectively.

Setting the stage


To understand what AAR can and cannot do, it’s important to understand how it works and the underlying mechanisms running in unison to deliver its promises.

To begin, let’s first define what AAR entails and its accomplices:

Application Aware Routing (AAR) allows the solution to recognize applications and/or traffic flows and set preferred paths throughout the network to serve them appropriately according to their application requirements. AAR relies on Bidirectional Forwarding Detection (BFD) probes to track data path characteristics and liveliness so that data plane tunnels between Cisco SD-WAN edge devices can be established, monitored, and their statistics logged. It uses the collected information to determine the optimal paths through which data plane traffic is sent inside IPsec tunnels. These characteristics encompass packet loss, latency, and jitter.

The information above describes the relationship between AAR and BFD, but it’s crucial to note that they are separate mechanisms. AAR relies on the BFD daemon by polling its results to determine the preferred path configured,  based on the results of the BFD probes sent through each data plane tunnel.

It is a logical next step to explain how BFD works in SD-WAN as described in the Cisco SD-WAN Design Guide:

On Cisco WAN Edge routers, BFD is automatically started between peers and cannot be disabled. It runs between all WAN Edge routers in the topology encapsulated in the IPsec tunnels and across all transports. BFD operates in echo mode, which means when BFD packets are sent by a WAN Edge router, the receiving WAN Edge router returns them without processing them. Its purpose is to detect path liveliness and it can also perform quality measurements for application aware routing, like loss, latency, and jitter. BFD is used to detect both black-out and brown-out scenarios.

Searching for ‘the why’


Understanding the mechanism behind AAR is essential to comprehend its creation and purpose. Why are these measurements taken, and what do we hope to achieve from them? As Uncle Ben once said to Spider-Man, “With great power comes great responsibility.”

Abstraction power and transport independence require significant control and management. Every tunnel built requires a reliable underlay, making your overlay only as good as the underlay it uses.

Service Level Agreements (SLAs) are crucial for ensuring your underlay stays healthy and peachy, and your contracted services (circuits) are performing as expected. While SLAs are a legal agreement, they may not always be effective in ensuring providers fulfill their part of the bargain. In the end, it boils down to what you can demonstrate to ensure that providers keep their i’s dotted and their t’s crossed.

In SD-WAN, you can configure SLAs within the AAR policies to match your application’s requirements or your providers’ agreements.

Remember the averaged calculations I mentioned before? They will be compared against configured thresholds (SLAs) in the AAR policy. Anything not satisfying those SLAs will be flagged, logged, and won’t be used for AAR path selections.

Measure, measure, measure!


Having covered the what, who, and the often-overlooked why, it’s time to turn our attention to the how! ?

As noted previously, BFD measures link liveliness and quality. In other words, collecting, registering, and logging the resulting data. Once logged, the next step is to normalize and compare the data by subsequently averaging the measurements.

Now, how does SD-WAN calculate these average values? By default, quality measurements are collected and represented in buckets. Those buckets are then averaged over time. The default values consist of 6 buckets, also called poll intervals, with  each bucket being 10 minutes long, and each hello sent at 1000 msec intervals.

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Guides, Cisco Tutorial and Materials, Cisco

Putting it all together (by default):

◉ 6 buckets
◉ Each bucket is 10 minutes long
◉ One hello per second, or 1000 msec intervals
◉ 600 hellos are sent per bucket
◉ The average calculation is based on all buckets

Finding the sweet spot


It’s important to remember that these calculations are meant to be compared against the configured SLAs. As the result is a moving average, voltage drops or outages may not be considered by AAR immediately (but they might already be flagged by BFD). It takes around 3 poll intervals to motivate the removal of a certain transport locator (TLOC) from the AAR calculation, when using default values.

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Guides, Cisco Tutorial and Materials, Cisco

Can these values be tweaked for faster AAR decision making? Yes, but it will be a trade-off between stability and responsiveness. Modifying the buckets, multipliers (numbers of BFD hello packets), and frequency may be too aggressive for some circuits to meet their SLAs.

Let’s recall that these calculations are meant to be compared against SLAs configured.

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Guides, Cisco Tutorial and Materials, Cisco

Phew, who would have thought that magic can be so mathematically pleasing? ?

Source: cisco.com

Tuesday, 16 May 2023

IT Leaders Contend with Secure Multicloud Access – The 2023 Global Networking Trends Report

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Guides, Cisco Prep Exam

What do you get when a massively distributed workforce tries to securely connect to a massively distributed set of applications? Massive complexity. In light of this, our latest annual Global Networking Trends Report is focused on how IT leaders and networking professionals are dealing with the challenges of connecting their increasingly dispersed workers to their increasingly distributed applications. And coming as a surprise to no one, when 2,500 IT leaders and professionals across 13 countries were surveyed, they verified that these challenges were their number one networking priority for 2023.

In addition to presenting the key trends from the survey results, the report includes six areas of essential guidance—guidance that focuses on one ultimate outcome: how best to provide distributed workforces with consistent, secure, anywhere connectivity to applications in a multicloud environment. We also asked Cisco experts to share their point of view on how organizations should implement this essential guidance. Here are a few points I found particularly interesting.

Use of Multiple Clouds is on the Rise


The report validates that organizations are, indeed, moving more of their apps and workloads to multiple cloud providers. But a bigger revelation was just how many different cloud providers organizations are using: 92% use more than two and an incredible 34% host workloads with more than four cloud providers (Figure 1). At the same time, one in four are using more than 20 SaaS applications. And when asked why, many respondents identified agility as the biggest motivation for moving to multiple cloud services, citing it as more important than either cost or resilience. 

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Guides, Cisco Prep Exam
Figure 1. The use of multiple cloud and SaaS providers has become the norm.  Source: 2023 Global Networking Trends Report.

Lack of Operational Consistency is an Obstacle


The report found that two in five respondents cite lack of consistency across networking, security, and cloud domains as a big obstacle to securely connecting users to cloud resources. At the root of this problem is the reality that many IT organizations still have network and security teams that plan and operate independently. This leaves many IT leaders challenged when trying to deliver better and more secure user experiences with their existing technology and divided operational boundaries.

Integrate Networking and Security from Device to Cloud  


Almost half of the respondents identified a fully integrated networking and security architecture in the form of Secure Access Service Edge (SASE) as their primary choice for connecting branches and remote users to multicloud applications within the next two years. They reported widespread plans to integrate cloud-based software-defined WAN (SD-WAN) connectivity and cloud security in order to deliver consistent secure access to both SaaS– and IaaS–based services.  

Simplify Connectivity to Multiple Clouds 


As the number of clouds increases, the ability to provide consistent and efficient connectivity management and security across them is becoming increasingly important. To improve connectivity to cloud-based applications from all locations, 53% of respondents said they are prioritizing SD-WAN integration with cloud services, SaaS, and middle-mile providers (Figure 2). Why? To apply policy consistently, automate connectivity, and better secure the application experience. 

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Guides, Cisco Prep Exam
Figure 2. SD-WAN Integrations with IaaS, SaaS, and Middle-mile Providers are Vital for a Better IT and User Experience.  Source: 2023 Global Networking Trends Report.

You Can’t Manage What You Can’t See 


Ultimately responsible for end-user experiences, IT is increasingly challenged to deliver desired levels of service. With the majority of transactions either originating or terminating outside of traditional enterprise boundaries, IT lacks visibility into the full network path. The digital supply chain is increasingly complex, composed of multiple providers and hops that are typically invisible to IT teams. With the Internet increasingly becoming the new core network, it’s no wonder that IT teams need help. In response to this need for greater visibility, 51% of IT professionals reported prioritizing the adoption of end-to-end network telemetry and visibility to achieve proactive detection and remediation of issues.  

Guiding, influencing, or implementing your own organization’s direction for networking is no easy feat. Explore this year’s report to learn more about how your peers are connecting and securing their increasingly distributed personnel to increasingly distributed apps and data.

Source: cisco.com