Tuesday, 9 April 2024

Mastering Skills with Play: The Fusion of Gaming and Learning in Black Belt Gamification

Mastering Skills with Play: The Fusion of Gaming and Learning in Black Belt Gamification

Welcome to the immersive world of gamified learning, where the addictive pull of mobile gaming and the interactive rewards system of apps like Duolingo are not just for play—they’re the driving force behind our approach to Cisco Black Belt Academy gamification. We strive to transform enablement by harnessing the potent allure of game mechanics, making the learning process not just more engaging but also more impactful. Discover how we integrate the principles of game design to elevate and energize conventional enablement methodologies.

Black Belt gamified enablement incorporates game elements like points, badges, challenges, customizable avatars and themed stories into the learning process, to encourage user interaction and competition via leaderboards. Our objective is to make acquiring new knowledge more engaging and interactive, fostering a sense of accomplishment, and healthy competition among learners.

Classic versus Contemporary: A Comparative Outlook


During our research into gamified learning, we found that traditional training methods often struggle to keep learners engaged, leading to decreased retention and motivation.

The Gamification initiative began to further improve and innovate Black Belt Academy enablement. In today’s fast-paced world, keeping our learners engaged and up-to-speed is crucial. Gamified enablement is a dynamic approach that addresses this by tapping into our natural desire for competition, recognition, and accomplishment.

Our objective has been to use gamification to drive Black Belt participation on a broader level with our partners while deepening their knowledge and making it more fun and hands-on for the learners. ​

Innovation and Opportunities


Partners with 30% of employees engaged in Black Belt grew 10% basis points faster and Partners with above average participation grew 3% faster. Adding layers of gamification will give us the opportunity to increase enablement engagement driving more users, improved completion rate & higher continuation rates (S2/S3), and higher user loyalty.

Cisco Black Belt Academy has planned and implemented gamification strategies in three categories:

Mastering Skills with Play: The Fusion of Gaming and Learning in Black Belt Gamification

1. Single Tournaments are where partner individuals register to compete against others in a single/one-off lab-like (short period) environment where the individual who gets the most points wins.

2. Journey Competitions are where partner individuals register to compete against other individuals over a long period of time with the end goal to get to the top of the tournament table.​

3. Races are where partner individuals register to race against others by completing trainings the quickest. Only a certain number of individuals are rewarded in the end.

Our innovative Escape Room has been met with widespread acclaim and attention. In this space-themed adventure, participants are cast as crew members of a spaceship that has crash-landed on an alien planet. To escape, they must leverage their Cisco Security expertise to locate and gather essential repair elements (crystals) needed to restore their spacecraft.

Mastering Skills with Play: The Fusion of Gaming and Learning in Black Belt Gamification

Our team at Cisco Black Belt Academy is committed to enhancing the partner experience by infusing our platform with engaging value communications. We are focused on integrating gamification elements, create captivating content that keeps learners engaged throughout their gaming experience while also providing meaningful rewards and incentives that align with their in-game achievements.

Mastering Skills with Play: The Fusion of Gaming and Learning in Black Belt Gamification

Source: cisco.com

Saturday, 6 April 2024

Meet the new Cisco Catalyst 1200 and 1300 Series Switches for SMBs

In today’s hyperconnected world where seamless customer experience is the key to success, your network can often become the differentiator that helps you succeed. This is true not just for large enterprises, but also for small and medium businesses.

Through Cisco’s small and medium business portfolio, we have been bringing the latest technology to our SMB customers and helping them create secure, reliable networks that can be effortlessly setup, monitored and managed; all at prices that fit small business budgets.

The new Cisco Catalyst 1200 and 1300 series switches are the latest additions to our small and medium business portfolio of access switches with Linux-based OS that combine powerful network performance, simplified management, and reliability with a comprehensive suite of network features that enable the digital transformation of growing businesses and branch offices.

Meet the new Cisco Catalyst 1200 and 1300 Series Switches for SMBs
Cisco Catalyst 1200 Series Switches

Meet the new Cisco Catalyst 1200 and 1300 Series Switches for SMBs
Cisco Catalyst 1300 Series Switches

These switches have been designed to help customers focus on growing their business rather than spending their time managing IT, by offering the following benefits:

Simplicity – Simple management with web-based configuration, Cisco Business Mobile App and Cisco Business Dashboard. Auto discovery for easy integration with Collab and Wi-Fi products.

Flexibility – Ultimate business flexibility with Gigabit, Multigigabit and 10G connectivity, Gigabit or 10G uplinks, and PoE+ support up to 740W.

Security – Advanced security protocols providing a solid security foundation, ensuring privacy and business continuity.

Cisco Catalyst 1200 Series Switches


The Cisco Catalyst 1200 Series Switches are purpose-built for growing businesses, combining robust performance & reliability with ease of setup, monitoring & management. These switches provide comprehensive security capabilities, Layer 3 static routing features, & multiple PoE+ options to choose from.

Cisco Catalyst 1300 Series Switches


The Cisco Catalyst 1300 Series Switches are fixed, managed, enterprise-class Layer 3 switches designed for small and medium-sized business and branch offices. They offer advanced security features, front-panel stacking capabilities, gigabit, multi-gigabit and 10 gig-ethernet options, and Layer 3 RIP routing, with a POE+ budget up to 740W.

Which one do you need?


The following table compares the prominent features of Catalyst 1200 and 1300 series switches:

Meet the new Cisco Catalyst 1200 and 1300 Series Switches for SMBs

With the Cisco Catalyst 1200 and 1300 Series switches, there are no licenses to purchase, and software updates are available at no additional cost. The switches offer a limited lifetime warranty with one-year free phone support.

Customers who wish to deploy themselves can purchase the new Cisco Catalyst 1200 and 1300 series switches through eComm partners such as Amazon.com or other e-tailers. Cisco partners can contact their distributor of choice.

Source: cisco.com

Thursday, 4 April 2024

Balancing agility and predictability to achieve major engineering breakthroughs

Balancing agility and predictability to achieve major engineering breakthroughs

I shared the progress we’re making toward building the Cisco Security Cloud, an open, integrated security platform capable of tackling the rigors of securing highly distributed, multicloud environments. This was an honest assessment of what we have achieved and celebrating our significant accomplishments, moving the needle forward on our vision. I want to share how we approach our research, development, execution and what are our core principles to driving innovation at scale.

In any large organization with a diverse enterprise-grade portfolio varying in adoption levels, solution longevity, and product category maturity, you will find the need to continuously look for ways and means to drive efficiency and excellence. We are fortunate to have loyal customers who trust that with Cisco, they can both secure and manage risk to their organization. Our focus has been to meet customers where they are, and that involves delivering security solutions in various form factors and platforms for a hybrid, multi-cloud world.

To do this, we are evolving our engineering organization to deliver on ambitious goals through higher levels of agility. Agility requires the courage to break down organizational silos and embrace the notion of failing fast and learning even faster from those failures. But engineering organizations like ours also have our “day jobs” with the reality that constantly changing customer and business environments can wreak havoc on engineering roadmaps. This leads to the inevitable difficult decision on whether to focus on the backlog of customer-requested features, versus delivering new, innovative features that move the industry forward.

Another way to say this is that as much as engineering organizations strive for agility, we have to be cognizant of how much our customers crave predictability in terms of their security operations and  feature delivery from vendors like Cisco. Let’s look at this from the lens of a customer-impacting factor that may make security operations less predictable: security incidents.

Balancing agility and predictability to achieve major engineering breakthroughs

These numbers are meaningful because cybersecurity is a critical part of any business and part of business resilience plans, which can involve public disclosures. Cybersecurity is also in the line of critical operations functions and can be a cause of major disruptions for the entire business when it fails. So, that is the high-stakes nature of the balancing act we have in front of us with one end of the see-saw being our desire to achieve agility with the other end being our responsibility to our customers to be predictable in their security operations, which are becoming ever more critical in the viability of their businesses.

A pragmatic approach to balancing agility and predictability


Leading a large engineering organization in charge of one of the broadest security product portfolios has challenged me to think about this critically. There are many ways to balance agility and predictability, but we’ve been able to distill this down to a pragmatic approach that I believe works best for us.

Careful short and long-term planning.

This is a critical step that provides the framework for building an engineering org that is both agile and predictable. It starts with iterative planning that allows for reviewing and adjusting plans based on market feedback and changing conditions. This includes meeting shorter-term commitments and regular updates to maintain customer confidence while allowing for adjustments. We also use agile retrospectives and adaptive planning to ensure forward progress and our ability to incrementally improve.

Resource allocation and ruthless prioritization play a key role. We achieve this through segmentation and portfolio management, segmenting a product portfolio into different categories based on levels of predictability and innovation. We exercise scenario planning for risk mitigation and management, developing scenarios that explore different market conditions with strategies for responding to ensure we make informed decisions in uncertain conditions. This helps us identify and mitigate risks that may impact our agility and predictability, account for potential disruptions, prioritize appropriately, and manage expectations.

Clear and consistent communication.

One of the most important aspects of this is the need for clear and consistent communication. As leader, it is my responsibility to clearly articulate the benefits of agility and explain the steps we need to take to ensure the predictability and delivery needed for stable operations. My philosophy is that shared outcomes involve “shared code” that results in a platform-centric development approach and an inner source execution model that allow for acceleration of feature development and delivery velocity.

An org culture willing to adapt.

Even the best of plans will fail without capable people who can and are willing to execute on them. For us, this involves an on-going evolution across our large, highly distributed engineering organization to foster a culture that values both agility and predictability and aligned with one of Cisco’s core values: accountability. A few of the ways we’ve seen success are by:
  • Encouraging cross-functional collaboration and open dialogue about the challenges and benefits of both approaches.
  • Ensuring leadership is aligned with the organization’s approach to balancing agility and predictability.
  • Creating opportunities, like Hackathons, to fail fast and learn even faster, explore the art of the possible, and to dive into technology to solve unexpected challenges.
  • Ensuring consistent messaging and support for team members.

Effective processes, not bureaucracies.

Processes often get a bad rap because they are often associated with bureaucracies that can hinder speed and progress. But processes are critical to make sure we’re executing our plans in the intended ways with the ability to measure progress and adapt as necessary. In our goal to balance agility with predictability, we have implemented some specific aspects to processes that work best for us.

  • We blend agile methodologies with more traditional project management approaches (e.g., agile for new features, waterfall for foundational infrastructure). Our processes allow us to take a “dual plane” approach to innovation with one plane focusing on predictable, stable delivery while the other explores innovative, experimental initiatives.
  • As the aphorism goes, “you can’t manage what you can’t measure”. We have implemented an outcome-focused approach toward metrics that shifts the focus from output (deliverables) to outcomes (business value). This allows us to demonstrate how agility enhances the ability to deliver value quickly and adapt to market changes, solving some of the toughest challenges for our customers.
  • We take a customer-centric approach in all things we do. This means we use customer feedback and market insights to prioritize and guide innovation efforts. This includes dedicated customer advisory boards, and programs built around the voice of our customers like NPS surveys. This helps ensure that agility is directed toward meeting customer needs and not innovating for innovation’s sake.

Our processes involve adaptive governance and continuous learning that accommodates both agility and predictability. This includes providing guidelines for making decisions in dynamic situations, continuously assessing what’s working and what’s not, and encouraging a learning mindset and adjusting strategies accordingly.

Innovating to win


Taking a customer centric approach to all things we do, we’ll continue focusing on the breakthrough successes that showcase our ability to be both agile and predictable to meet market demands and deliver customer outcomes. One example of this is how we, as the official cybersecurity partner of the NFL, helped secure this year’s Super Bowl that was the most watched telecast in this game’s history. We also continue our incredible work with AI and Generative AI like the Cisco AI Assistant for Security to simplify policy, and AI-enabled security operations through innovation for both AI for security and security for AI. When we strike the balance of agility and predictability, we innovate to win.

Source: cisco.com

Tuesday, 2 April 2024

Pave the Way for New Revenue with Transport Slicing Automation and Assurance

Pave the Way for New Revenue with Transport Slicing Automation and Assurance

Excellence in service matters. Whether you are a mom-and-pop operation or a multibillion-dollar business spanning multiple industries, keeping customers happy and satisfied is essential. No one knows this better than telecommunication (telecom) providers—who experience close to 40% customer churn due to network quality issues, according to McKinsey.

For telecom providers, delivering an outstanding digital experience means smarter troubleshooting, better problem-solving, and a faster route to market for innovative and differentiated services. As if delighting customers and generating new revenue weren’t enough, there is also the added pressure of keeping operational costs low.

For operators of mass-scale networks, that can be a tall order. The good news is that innovative solutions like transport slicing and automated assurance are creating opportunities for service providers to build new revenue streams and differentiate services on quality of experience (QoE) with competitive service-level agreements (SLAs). In this blog post, we will explore how transport slicing and automated assurance can revolutionize the network landscape and transform service delivery, paving the way for financial growth.

Simplify and transform service delivery


Despite ongoing transformation efforts, telecom and high-performance enterprise networks are becoming increasingly complex and challenging to manage. Operations for multivendor networks can be even more complicated, with their various domains, multiple layers of the OSI stack, numerous cloud services, and commitment to end-to-end service delivery.

Complexity also impacts service performance visibility and how quickly you can find, troubleshoot, and fix issues before customer QoE is impacted. To understand the customer experience and differentiate services with competitive enterprise SLAs, you need real-time, KPI-level insights into network connections across domains and end-to-end service visibility. To confront these challenges, many service providers have been attempting to simplify network operations while reducing the cost of service delivery and assurance.

So, how do you streamline increasingly busy transport network operations? For one, advanced automation and orchestration tools can automate intent-based service provisioning, continuously monitor SLAs, and take corrective action to maintain service intent. Automated assurance, for example, can proactively monitor service performance, as well as predict and remediate issues before customers are impacted. This reduces manual work and allows for quicker reaction times to events that impact service.

With leading-edge platform and automation capabilities, you can deliver a wide range of use cases with a unified interface for visualization and control to manage network services effectively. This makes complex multidomain transport networks more accessible and easier to operate, which can help improve capital efficiency, enhance OpEx utilization, and accelerate new service launches.

The operational agility created by simplifying network operations allows you to adapt quickly to market changes and customer needs. You can assure services while securing new revenue streams and capitalizing on emerging service delivery opportunities.

Leverage transport slicing for the best outcomes


Simplifying network operations is only one part, because the one-size-fits-all approach to network infrastructure is no longer sufficient as your customers demand more personalized, flexible, and efficient services. This is where transport slicing can help, by offering a new level of customization and efficiency that directly impacts the service quality and service guarantees you can offer.

Network slicing is typically associated with delivering ultra-reliable 5G network services, but the advantages of transport slicing reach well beyond these areas. Network as a service (NaaS), for example, addresses enterprise customers’ need for more dynamic, personalized networks that are provisioned on demand, like cloud services. Using transport slicing, you can create customized virtual networks that provide customers with tailored services and control, while simplifying network management.

For telecom providers, transport slicing and automation will be critical to managing service level objectives (SLOs) of diverse, slice-based networks at scale. The transport layer plays a critical role in service delivery, and automation is essential to simplify operations and reduce manual workflows as slicing and enterprise services based on slicing become more complex.

Together, transport slicing and automation fundamentally change how network services are delivered and consumed. And while the slicing market is still in early stages of adoption, end-to-end slicing across domains offers a level of efficiency that translates into direct benefits through faster service deployment, enhanced performance, cost savings, and the ability to scale services quickly.

Pave the Way for New Revenue with Transport Slicing Automation and Assurance

A complete, end-to-end automated slicing and assurance solution


Traditionally, the service monitoring and telemetry required to do any service-level assurance was an afterthought—built separately and not easily integrated into the service itself. Now, you can leverage the power of network slicing while ensuring each slice meets the stringent performance criteria your customers expect, as well as enable closed-loop automation based on end-user experiences at microsecond speeds. For example, tight integration between Cisco Crosswork Network Automation and Accedian’s performance monitoring solution provides a more complete, end-to-end automated slicing and assurance approach.

You can create and modify network slices based on real-time demand, and then leverage performance monitoring tools to not only assure the health and efficiency of these slices, but also provide empirical data to validate SLAs. You can use predictive analytics and real-time insights to identify and mitigate issues before they impact service quality, enabling increased network uptime and enhancing customer experience.

A proactive approach towards network management helps you use resources more efficiently, decrease complexity, and ensure customer satisfaction is prioritized—all while creating new opportunities for innovative revenue streams through highly differentiated and competitive service offerings. Ultimately, automated slicing and assurance drives greater operational excellence.

Fix problems before customers notice


Competition remains fierce in the telecom market, as service providers strive to meet B2B customers’ demand for high-quality services, fast service provisioning, and performance transparency. Speed is a differentiator, and customers notice immediately when service disrupts. Customers are willing to pay a premium for critical network performance, service insights, and enhanced SLAs that promise immediate resolution. To meet this demand, you need the ability to find and fix problems before customers notice.

Transport slicing and automated assurance are at the forefront of this challenge, enabling service providers to not only deliver services faster and more reliably, but to also have confidence those services will have the performance and QoE that customers expect.

The right network automation capabilities can drive simplified, end-to-end lifecycle operations, including service assurance that’s dynamic, intelligent, and automated. This paves the way for revenue-generating, premium services and delivering the outstanding experiences your customers expect.

Source: cisco.com

Monday, 1 April 2024

Mastering CCNP Security 300-740 Exam: An In-Depth Look

A girt showing Cisco 300-740 Exam Study Guide

In the ever-evolving field of network security, standing out as an IT professional requires not just skill, but validation of that skill. The CCNP Security 300-740 certification emerges as a beacon for those dedicated to mastering Cisco networks' security. This coveted credential is more than a certificate; it's a badge of honor that signifies your prowess in deploying and managing cutting-edge security measures in the cyber world.

Diving Deep into the CCNP Security 300-740 Exam

At the heart of the CCNP Security certification lies the 300-740 exam, a rigorous test that probes your knowledge across various pivotal security domains such as secure network access, content security, and navigating the complexities of cloud security. Crafted meticulously, the 300-740 SCAZT exam ensures that those who pass can shield network infrastructures against the threats of today and tomorrow.

300-740 SCAZT Exam Breakdown:

  • Duration: 90 minutes

  • Question Count: Between 55 to 65

  • Passing Score: Typically falls between 750 and 850 out of 1000

  • Format: A mix of multiple-choice and simulation-based questions

  • Validity: 3 years before renewal is required

CCNP Security Exam Preparation Pathways

  • Official Cisco Resources: Dive into the wealth of knowledge provided through Cisco's own training courses. These not only cover the theoretical aspects but also offer practical lab exercises.

  • Comprehensive Study Guides: Bolster your preparation with detailed study materials that go in-depth into each 300-740 exam topic.

  • Practice Makes Perfect: Regular practice exams are invaluable. They pinpoint areas needing improvement and familiarize you with the Cisco SCAZT exam's structure and pacing.

  • Community Engagement: Connect with peers through forums and study groups. Sharing insights and experiences can provide unique perspectives and study tips.

Best Tips to 300-740 Triumph

  • Know What's Expected: Thoroughly understanding the 300-740 SCAZT exam objectives can give you a clear roadmap of what to study.

  • Strategic Study Plan: Allocate your study time wisely, ensuring each topic gets the attention it deserves, with regular reviews.

  • Real-World Application: There's no substitute for hands-on experience. Create a lab environment to practice real-world security scenarios on Cisco networks.

  • Stay Informed: The cybersecurity landscape is dynamic. Keep abreast of the latest trends and technologies that could be included in the CCNP Security exam.

Career Advancement Post-Certification

Earning the CCNP Security 300-740 certification can significantly propel your career forward, marking you as a seasoned professional ready to tackle complex security challenges. Career doors that may open include roles as a Network Security Engineer, Security Analyst, Cybersecurity Specialist, or Network Administrator with a security focus.

Benefits of Being CCNP Security Certified:

  • Industry Credibility: CCNP Security certification is a gold standard in IT, highlighting your expertise in Cisco's security solutions.

  • Career Growth: It paves the way for advanced roles, showcasing your dedication to professional growth and security mastery.

  • Skill Enhancement: Preparing for the 300-740 SCAZT exam deepens your understanding of network security, from principles to best practices.

  • Salary Upside: Certified professionals often enjoy higher salaries and better job prospects.

  • Global Recognition: Cisco's certifications are acknowledged worldwide, opening international career opportunities.

Considering the Challenges:

  • Investment Required: Achieving certification comes with its costs, including exam fees and study materials.

  • Time Management: The extensive study required demands a significant time commitment.

  • Keeping Pace with Technology: As security technologies evolve, so must your knowledge, necessitating continuous learning.

  • Exam Rigor: The CCNP Security exam's challenging nature demands a solid grasp of complex concepts and hands-on experience.

  • Specialization: While highly valuable for those in network security, it might not offer the same benefits for individuals in non-Cisco environments or different IT areas.

Conclusion

The journey towards obtaining the CCNP Security 300-740 certification requires dedication, consistent studying, and practical application. It is a path that not only enhances your professional life but also distinguishes you as an expert in the vital field of network security. By embracing the challenge and making the most of the resources available, you can unlock a new realm of career opportunities and personal growth in the IT security domain.

Saturday, 30 March 2024

Hiding in Plain Sight: How Subdomain Attacks Use Your Email Authentication Against You

For years, analysts, security specialists, and security architects alike have been encouraging organizations to become DMARC compliant. This involves deploying email authentication to ensure their legitimate email has the best chance of getting to the intended recipients, and for domain owners to be quickly notified of any unauthorized usage of their domains. While together we are making progress thanks to DMARC adoption and reporting services such as Cisco’s OnDMARC offering, there’s an opportunity to do better particularly with on-going monitoring to address new and emerging threats, such as this Subdo campaign.

What’s happened?


Recently a totally new attack type has been seen that takes advantage of the complacency that an organization may have when they approached their DMARC rollout with a ‘ticked the box’ mindset.

The SubdoMailing (Subdo) campaign has been ongoing for about two years now. It sends malicious mail – that is typically authenticated – from domains and subdomains that have been compromised through domain takeover and dangling DNS issues.

These attacks were initially reported by Guardio Labs who reported the discovery of 8,000 domains and 13,000 subdomains being used for these types of attacks since 2022.

Several weeks before that, Cisco’s new DMARC partner, Red Sift, discovered what they initially thought was an isolated incident of bad senders passing SPF checks and sending emails fraudulently on behalf of one of their customers. In the customer’s instance of Red Sift OnDMARC, they noticed email was coming from a sender with a poor reputation and a subdomain that appeared unrelated to their customer’s main domain. But these emails had fully passed SPF checks with the customer’s current SPF record. Upon alerting the customer who then investigated all the ‘includes’ in their SPF record, several outdated CNAME addresses were found that had been taken over by attackers, which is what caused the issue.

What should I look out for?


The bad actors in this campaign are capitalizing on stale, forgotten or misconfigured records that were wrongfully included in DNS to send unauthorized emails. The attackers then send phishing emails as images to avoid text-based spam detection.

It is this oversight that has seen many notable organizations be impacted by these new subdomain attacks in the last few months, solely because they have not been actively monitoring in the right areas.

Proactive steps to start today:


1. Don’t let your domain names expire – these are what provide fraudsters the opportunity to carry out the attack.
2. Keep your DNS clean – Remove resource records from your DNS that are no longer in use and remove third-party dependencies from your DNS when they become redundant.
3. Use a trusted email protection provider – It makes sense to use a vendor for DMARC, DKIM and SPF requirements but be sure to use a trusted vendor with the capability to proactively identify problems, such as when part of a SPF policy is void or insecure.
4. Check for dangling DNS records – Have an inventory of hostnames that are monitored continuously for dangling resource records and third-party services. When identified, remove them immediately from your DNS.
5. Monitor what sources are sending from owned domains – If the domain or subdomain is taken over for sending, then it is important to know if mail is being sent from it as quickly as possible.

What else should I do?


If you are wondering if you have been impacted by SubdoMailing, the best place to start is Red Sift Investigate, this will provide you with a review of your domain such as can be seen below:

Hiding in Plain Sight: How Subdomain Attacks Use Your Email Authentication Against You

Should this valuable tool reveal any ‘SubdoMailers’ – also known as poisoned includes – the Red Sift SPF Checker allows you to visualize them in a dynamic ‘SPF tree’, allowing you to quickly pinpoint where they are and speed up remediation efforts, an example of a dynamic SPF tree can be seen below: –

Hiding in Plain Sight: How Subdomain Attacks Use Your Email Authentication Against You

The OnDMARC Adoption and Reporting Solution that Cisco partners with Red Sift on has already been updated to uncover exactly these issues directly within the tool to ensure our customers are protected.

If you’d like to learn more then sign up for a free SubDo vulnerability scan to get in-depth insight into your current threat landscape, covering email and domain security, and uncover any potential DNS vulnerabilities.

If you’re a Cisco Secure Email customer, find out how you can quickly add Red Sift domain protection to your security suite and better detect that image-based spam.

Source: cisco.com

Thursday, 28 March 2024

SD-Routing: Unlock Agility and Efficiency for the Secure WAN Edge

SD-Routing: Unlock Agility and Efficiency for the Secure WAN Edge

Many Cisco enterprise customers have decades of Cisco Catalyst routing and security capabilities functioning at branch locations. However, many of their traditional network management solutions can’t keep up with the demands of cloud adoption, remote work, and ever-growing user expectations. This translates to poor user experience, sluggish applications, and possible security vulnerabilities. These factors are driving the need for a transformation across applications, networks, and security.

This operational paradigm shift aims to seamlessly connect users anywhere to any application and secure user access by protecting against evolving threats. The answer to these operational challenges is Cisco’s software-defined routing (SD-Routing) solution. It goes beyond traditional per-device-based management by enabling full frictionless lifecycle device management, monitoring, configuration, and troubleshooting—as well as robust, next-generation firewall security integrations—from a single dashboard that doesn’t require any changes to your existing environment.

SD-Routing: Unlock Agility and Efficiency for the Secure WAN Edge
Figure 1. SD-Routing solution overview

Let’s explore some key use cases of SD-Routing that can transform your network:

Frictionless device lifecycle management. Simplify and prepare your network for the future with one management platform. SD-Routing, controlled through the Cisco Catalyst SD-WAN Manager dashboard, can:

  • Unify management: Manage device software upgrades, monitoring, and troubleshooting through the intuitive Catalyst SD-WAN Manager dashboard. This simplifies network operations and empowers you to manage both traditional routing and Catalyst SD-WAN environments.
  • Tame legacy challenges: Simplify complex legacy operations with SD-Routing. Basic troubleshooting tools within the manager help you maintain and optimize performance. Continuous updates ensure your network stays ahead of the curve.
  • Combat configuration drift: Manage and track changes with a unified platform. Use the manager to create configuration templates for standardized deployments and future SD-WAN migration.

Network administrators might be using homegrown automation or third-party vendor tools to solve these problems. You can continue to use these tools, but you don’t need to invest further. Rather, take advantage of SD-WAN Manager, which comes as a part of Catalyst licensing.

Security


Configuring diverse IOS XE security features through the command-line interface (CLI) or customized ad hoc scripts has historically been a complex, labor-intensive process that is prone to errors. This is especially true for defining granular security policies across zones and containers. With the introduction of SD-Routing guided security workflows, customers aiming to implement robust, next-generation firewall (NGFW) security on their on-premises routers will find this a valuable addition, allowing for consistent policy application across deployments. Many customers want Direct Internet Access (DIA) at their branch offices, but security concerns hold them back. SD-Routing can streamline secure DIA deployment on WAN edge routers, offering a simpler approach to securing distributed networks.

Cloud on-ramp for multicloud


Traditional network teams often struggle to securely extend their WANs to cloud providers, where key enterprise applications may reside. SD-Routing simplifies this process, especially for those who are hesitant to adopt it. With SD-Routing, you can securely connect to cloud providers like AWS and Azure following best practices, without months of learning complex, cloud-specific configurations. This empowers you to seamlessly connect to cloud providers and focus on your business outcomes.

As you tackle the modern network challenges, explore SD-Routing to simplify, streamline, secure, and future-proof your WAN environment. The single management platform for Catalyst SD-WAN and SD-Routing saves time and operational expenses with agile and automated workflows that quickly respond to network changes.

Beyond these immediate benefits, SD-Routing also can help strategically position your network for simplified future migrations to SD-WAN, depending on where you are in your digital transformation journey.

Whether you have existing enterprise networking equipment in your WAN or are considering a future purchase of Cisco Catalyst 8000 Edge Platforms, Cisco 1000 Series Integrated Service Routers, Cisco 1000 Series Aggregation Service Routers, or Industrial Routers, SD-Routing can unlock their full potential. Even better, if you’re already using Cisco Catalyst SD-WAN Manager, you can leverage the same platform to manage your SD-Routing deployments.

Source: cisco.com