Thursday 27 June 2024

Cisco API Documentations Is Now Adapted for Gen AI Technologies

Developer experience changes rapidly. Many developers and the Cisco DevNet community utilize Generative AI tools and language models for code generation and troubleshooting.

Better data = better model completion

The main challenge for GenAI users is finding valid data for their prompts or Vector Databases. Developers and engineers need to care about the data they plan to use for LLMs/GenAI interaction.

OpenAPI documentations is now available to download

The OpenAPI documentation is a specification that defines a standard way to describe RESTful APIs, including endpoints, parameters, request/response formats, and authentication methods, promoting interoperability and ease of integration.

We at Cisco DevNet care about developers’ experience and want to make your experience working with Cisco APIs efficient and with minimal development/testing costs.

You can find links to OpenAPI documentation in JSON/YAML format here: Open API Documentation page and Search related product API – Navigate to API Reference -> Overview section in left-side menu

Note: Some API documentation can contain multiple OpenAPI Documents

For which purpose you can use related OpenAPI documentation as a part of prompt/RAG:

  • Construct code or script that utilizes related Cisco API
  • Find related API operations or ask to fix existing code using the information in the API documentation
  • Create integrations with Cisco products through API
  • Create and test AI agents
  • Utilize related Cisco OpenAPI documentation locally or using approved AI tools in your organization.

Structured vs Unstructured data

I’ve compared two LLM model completions with a prompt that contains two parts. The first part of the prompt was the same and contained the following information:

Based on the following API documentation, please write step-by-step instructions that can help automatically tag roaming computers using Umbrella API.
High-level workflow description:

  1. Add API Key
  2. Generate OAuth 2.0 access token
  3. Create tag
  4. Get the list of roaming computers and identify related ‘originId’
  5. Add tag to devices.

API documentation:

Second part:

In one case, it contains copy and paste data directly from the doc,
The other one contains LLM-friendly structured data like OpenAPI documents pasted one by one

Cisco API Documentations Is Now Adapted for Gen AI Technologies
Part of CDO OpenAPI documentation

Cisco API Documentations Is Now Adapted for Gen AI Technologies
Claude 3 Sonnet model completion. Prompt with OpenAPI documents 

Cisco API Documentations Is Now Adapted for Gen AI Technologies
Claude 3 Sonnet model completion. Prompt with copy and paste data

Benefits of using LLM-friendly documentation as a part of the prompt

I’ve found that model output was more accurate when we used OpenAPI documents as a part of a prompt. API endpoints provided in each step were more accurate. Recommendations in sections like “Get List of Roaming Computers” contain better and more optimal instructions and API operations.


Tuesday 25 June 2024

Security Cloud Control: Pioneering the Future of Security Management

Security Cloud Control: Pioneering the Future of Security Management

Organizations face a critical challenge today: attackers are exploiting the weakest links in their networks, such as unsecured users, devices, and workloads. This threat landscape is complicated by the shift from traditional data centers to a distributed environment, where protecting dispersed data across multiple touchpoints becomes complex.

To address these threats, many organizations resort to using multiple security tools, leading to siloed teams, tech stacks, and management systems that hinder effective security. This fragmented approach results in unnecessary costs, longer deployment times, inconsistent security, and critical gaps.

Security products that do not integrate or benefit from each other exacerbate these issues. For example, Network Security Admins struggle to navigate disparate teams and tools for effective policy deployment. Additionally, customers often under-utilize security tools, resulting in poor security hygiene and misconfigurations that increase the risk of a breach. Manual monitoring of multiple tools makes it impossible for organizations to proactively predict issues that lead to operational challenges. Consequently, the burden has been pushed onto the customer to understand the gaps and figure out how to best use the tools.

Inconsistent security policies, siloed management, lack of unified visibility, misconfiguration risks, and cybersecurity skills shortage are all significant challenges organizations face. While organizations are facing these challenges, the urgency is underscored by findings from the IBM X-Force Threat Intelligence report. According to the report, the average time from initial access to ransomware deployment has dropped from 1637 hours (about 2 months 1 week) to just 92 hours (less than 4 days) in 2023. This dramatic reduction means organizations now have much less time to respond to threats, making effective and integrated security solutions more critical than ever.

Without a centralized platform, gaining a holistic view of security is challenging. Manual identification of misconfigurations is error-prone and can lead to breaches. There is a lack of skills, time, and resources to fully utilize security features and maximize ROI. Customers must implement best practices, requiring specialized knowledge and time. Resolving access or policy issues is lengthy due to diverse security products. Admins spend excessive time crafting similar policies across different platforms. Operational issues are often addressed reactively, leading to downtime and suboptimal performance. Non-actionable alerts and overwhelming data cause analysis paralysis and hinder decision-making, with a missing sense of urgency. While we will never fully move away from having distributed enforcement points, there is a significant opportunity for the security industry to provide consistent security across these varied touchpoints.

A unified security platform aims to alleviate these issues by providing a comprehensive view of the security landscape, enabling consistent policy enforcement, simplifying troubleshooting, and offering actionable insights with the help of AI. Thus, it reduces the cognitive load and dependency on specialized skills. When considering Unified Security Management (USM), the goal is to have seamless management experience.

To meet the unique needs of various organizations and support diverse network firewall configurations, our strategy focuses on three core objectives: simplifying operations, enhancing security, and improving clarity. We aim to streamline security management processes, strengthen defenses with advanced Zero Trust and vulnerability protection, and offer clear, actionable insights through AI-driven intelligence. These focused efforts are designed to deliver a more intuitive, robust, and user-friendly security solution.

Customer Outcomes with Security Cloud Control

Security Cloud Control: Pioneering the Future of Security Management

We are excited to launch AIOps, offering a game-changing way to enhance operational efficiency and bolster security. AIOps addresses critical IT challenges such as misconfigurations and traffic spikes, preventing downtime and reinforcing network performance. AIOps provides predictive insights and automation to help administrators improve security and reduce costs. We are introducing key features, such as policy analysis and optimization, best practice recommendations, traffic insights, and capacity forecasting. By incorporating AIOps into our services, we are adopting a more intelligent and proactive methodology to safeguard and optimize the performance and security of your network infrastructure.

Best Practice Recommendations: Nudging admins to get to better security state

Security Cloud Control: Pioneering the Future of Security Management

Predictive Insights with AIOps

Security Cloud Control: Pioneering the Future of Security Management

Benefits of AIOps

Security Cloud Control: Pioneering the Future of Security Management

Our solution is designed to accommodate management of a wide array of form factors of firewalls, ensuring comprehensive security from the ground up to the cloud. It seamlessly integrates with various deployment models, including physical and virtual firewalls (Cisco Secure Firewall Threat Defense), Multicloud Defense, Hypershield, and Adaptive Security Appliances (ASA).

This versatility simplifies the management of your security infrastructure, making it easier to maintain a robust and adaptive defense system across your entire network all from a single place.

Our partnership with Splunk represents a significant leap forward in streamlining security operations. By integrating with Splunk, we enhance the oversight and monitoring capabilities of both cloud-based and on-site firewalls. Utilizing Splunk’s powerful data processing, analytics, and real-time logging strengths, we deliver an enriched, responsive, and comprehensive view of your security posture.

This collaborative effort simplifies the management of security operations, providing Security Operations Center (SOC) teams with a superior, streamlined, and more effective method for protecting their digital landscapes.

We are introducing a unified dashboard that enables our customers to gain a real-time, holistic perspective of their entire network and cloud security ecosystem. Customers can efficiently manage tens of thousands of security devices, coordinating multiple tenants under a centralized global administrator.

Unified Dashboard: A Comprehensive view of firewall and security services

Security Cloud Control: Pioneering the Future of Security Management

We are further simplifying the operations for our admins with the Firewall AI Assistant. It revolutionizes network security by tackling the complexity of firewall rule management. With many organizations handling over a thousand rules—some outdated or conflicting—firewall maintenance becomes a security risk. Gartner notes that misconfigurations may lead to 99% of firewall breaches through 2023, highlighting the need for this AI-driven simplification. Customers can ask the Assistant to explain the intent of the policies and assist with creating rule.

AI Assistant for Firewall: Rule Analysis

Security Cloud Control: Pioneering the Future of Security Management

AI Assistant for Firewall: Rule Creation

Security Cloud Control: Pioneering the Future of Security Management

A key breakthrough in our security strategy is the implementation of seamless object sharing, which plays a pivotal role in maintaining consistent protection across hybrid networks. This feature facilitates the distribution of network objects across both on-premises firewalls and multi-cloud defenses. Its primary objective is safeguarding application and workload data wherever they reside, by enabling our admins to build a consistent policy across different environments. This approach fortifies the security posture of your hybrid environment, and streamlines change management processes, reduce opportunity for errors, thereby, contributing to a more secure, effective, and resilient IT ecosystem.

Consistent Policy Enforcement: Sharing Network Objects across on-prem and Cloud environments

Security Cloud Control: Pioneering the Future of Security Management

We are committed to continuously enhancing our services and expanding our global footprint to better serve our customers. In conclusion, our vision extends beyond merely supplying tools—we strive to revolutionize the user experience.

Through the fusion of cutting-edge technology and intuitive design, our goal is to foster a supportive environment for administrators, where operations are efficient, and security is strong. We are dedicated to alleviating the customer’s burden by offering a Unified Security Platform that empowers them to achieve the best state of security.


Saturday 22 June 2024

Up your Quality of Life with Secure MSP Hub and Secure MSP Center

Up your Quality of Life with Secure MSP Hub and Secure MSP Center

All the technology around us is meant to increase our productivity through tools and automation so that our quality of life can be improved. The reality can be very different, especially if you are an MSP.  There are so many factors affecting your quality of life like stress due to client emergencies, tight deadlines, unpredictable working hours or challenges at the end of the month for billing and invoicing with your customers. Above all getting ahead of breaches, staying ahead of hackers can all add to reduced quality of life.

I know that we cannot take away all the stress inducing factors for our MSPs, though that is our vision, but for now I want to talk about how we are making it easy for our MSPs to do business with MSP center and have an easier time managing their Cisco security products with MSP Hub.

MSP Center is our simplified, usage based post-paid buying model where you as an MSP can sign up once to get access to Security portfolio. There are no long forms to fill in, training requirements to pass through or chat with several sales reps to get access to the products. If your customer needs a security offer, you can provide it from our portfolio in a few minutes.

Once you sign up on, you get access to MSP Hub which as the name suggests is a dashboard for MSPs to manage all Security products, customers, billing and invoicing along with ecosystem integrations in a single pane. Several hundred partners are currently using the hub and are absolutely loving it. One of our partners remarked, “This is exactly the dashboard we want as an MSP, single pane of glass across all Cisco products for MSPs”.

I want to detail a few use cases which can save a lot of time for MSPs.

◉ Customer Management – The customer management feature on MSP Hub streamlines the customer onboarding process for multiple products in a single place. The Bulk Import feature also lets our partners import their end customers easily saving multiple clicks and reducing mundane tasks for MSPs.

Up your Quality of Life with Secure MSP Hub and Secure MSP Center

◉ Billing and Invoicing – This feature enables easy access to historic billing, ability to change the payment information and a detailed breakdown of usages which in turn helps you as an MSP to reduce the man hours around invoicing the customer and resolving billing and invoicing issues. We also plan to build integrations which can further simplify your life.

Up your Quality of Life with Secure MSP Hub and Secure MSP Center

Up your Quality of Life with Secure MSP Hub and Secure MSP Center

◉ Technical Integrations – We are simplifying how our Cisco Security products can easily integrate with ecosystem partners in a simple 3 click process. This will further save our MSPs from tedious and elaborate integrations. We are working with some of your favorite RMM vendors. Reach out to us to know more.

Up your Quality of Life with Secure MSP Hub and Secure MSP Center

◉ Apart from this, there is a simplified on-demand training portal that your sellers or engineers can use to sell and deploy the products easily.


Thursday 20 June 2024

Campaign Spotlight: Driving Demand with Marketing Velocity Central and User Protection Campaign

Marketing Velocity Central (MVC) is Cisco’s data-driven demand generation platform created by marketers for marketers. Our partners use MVC to learn, build their brand, launch campaigns, track results and become world-class marketers.

For the past decade, MVC has provided our partner marketing professionals with curated campaigns for today’s biggest opportunities. This month’s spotlight campaign is on end user security with Cisco User Protection Suite.

The User Protection Challenge

One of the main challenges facing organizations today is identity-based attacks. Bad actors are using a wide range of techniques, from phishing and social engineering to supply chain attacks, business email compromise, and more. For many of these attacks, it would take a cybersecurity expert to spot the red flags. This has become a major problem for organizations. Talos, Cisco’s Threat Intelligence Group, found that 80% of breaches were caused by targeting users.

Campaign Spotlight: Driving Demand with Marketing Velocity Central and User Protection Campaign

User Protection is a hot topic, and one many security buyers have been grappling with. Each time a new threat emerges, a new solution comes to the market to protect against that threat. In fact, large enterprises have, on average, 76 security products. This is leading to product complexity for security and IT teams and organizations are looking to simplify.

This is where Cisco, along with our partners, can provide a holistic approach to protecting users.

Cisco has investigated and researched this problem and when we asked security buyers what their top concern is, they said over and over that product complexity is the root of the challenge. So rather than continue the vendor-by-vendor approach, we asked if these same buyers would consider a suite to save time managing products, to make it easier to deploy products, and save money.

With the Cisco User Protection Suite, we offer a new approach to protecting users and only Cisco has the scale and network to inform our products to better protect our customers. With over 300,000 customers and over 550 billion security events per day, we see a lot. We are using this information to better protect our users so we know which malicious sites we should block, which IP addresses bad actors are using, or what behavioral indicators should trigger certain alerts.

Campaign Spotlight: Driving Demand with Marketing Velocity Central and User Protection Campaign

Cisco User Protection Suite

The Cisco User Protection Suite provides a simplified, integrated user experience. User protection provides better efficacy through an integrated roadmap, comprehensive protection, and incorporates AI to transform management and secure outcomes.

Products work together and provide customers with:

  • Better experiences: enables your customers to be productive at their job with secure, seamless access to all resources
  • Better economics: Work with one vendor to provide the breadth of solutions to protect your users – that means one contact, one contract, and one renewal.
  • Better efficacy: improve your customers’ security posture, lower their risks, and keep their sensitive information safe.

Cisco User Protection Suite provides our partners with:

  • Consolidating cybersecurity solutions under one vendor to simplify subscription management for partners
  • Expanding the opportunity into an Enterprise Agreement (EA), making it much more difficult for competitive security providers to displace incumbency
  • Collaborating with our customers as a trusted advisor and support customers on their user protection journey
  • Improving efficiency and saving customers money, while providing a valuable business outcome

Drive demand and pipeline with Marketing Velocity Central

Did you know that partners who use Marketing Velocity Central (MVC) generate 4 times more pipeline than those who do not? As a benefit for being a Cisco registered partner, you can generate more pipeline and bookings by activating the User Protection campaign on Marketing Velocity Central.

MVC accelerates your time to market with ready-to-use content, customizable campaigns including email and social copy, images, logos, and shareable content to drive customer engagement.

To optimize your marketing campaigns, MVC also provides services such as:

  • Co-branding: show your credibility by downloading and using your Cisco partnership logo through logo builder
  • Customization: set yourself apart by picking a ready-to-go campaign, edit it and choose from the many images in our library
  • Account-Based Targeting: upload and manage your list of contacts in one single place while tracking campaign engagement via a lead-scoring method
  • Full-Service Activities: hire a third-party marketing agency to help you obtain even better results and use your Cisco marketing funds, or your own funds


Tuesday 18 June 2024

Stay Compliant: Cisco Secure Workload Introduces State-of-the-art, Persona-based Reporting

Stay Compliant: Cisco Secure Workload Introduces State-of-the-art, Persona-based Reporting

Workload security tools draw the attention of diverse cohorts, united by a mission: fortifying hybrid cloud workloads. In a market filled with disparate tools, Secure Workload offers a tailored reporting solution that revolutionizes how SecOps, Network Administrators, and CxOs interact with their workload security solution.

A New Era of Informed Decision Making

Traditional workload security tools often fail to provide metrics tailored to the distinct needs of SecOps, Network Administrators, or CxOs. These tools fall short due to a lack of development focus on holistic user requirements and an inadequate understanding of the diverse metrics that each of them values.

For example, SecOps teams require detailed insights into Cisco Security Risk scores, workload vulnerabilities, and the effectiveness of security policies. NetOps, on the other hand, requires visibility into agent health and policy compliance, and CxOs need high-level summaries that demonstrate cost savings and ROI. Without these tailored insights, traditional tools fail to offer a comprehensive view of security effectiveness.

The shift towards DevSecOps, AI-driven security, and Cloud Native security has led to cumbersome back-and-forth communication and the need to share information across siloed network, security, and application development functions. In the past couple of years, we have seen a surge in productivity-enhancing feature requests from customers, driven by the challenges of siloed networks and security organizations not sharing information. This lack of integration highlights the critical need for a single pane of glass view that can provide a unified perspective of the organization’s security posture.

By consolidating data from various functions into one comprehensive dashboard, the Reporting Dashboard addresses these challenges facilitating smoother communication, enhanced collaboration, and more effective security management across all teams.

Addresses Challenges Directly

Let’s delve into the specific outcomes that the Reporting Dashboard delivers.

Stay Compliant: Cisco Secure Workload Introduces State-of-the-art, Persona-based Reporting
Reporting Dashboard Landing View

Data-driven Insights for CxO and SecOps

The feedback from CxO participants at Secure Workload’s Customer Advisory Board highlights the need for personalized reports that deliver actionable intelligence. The out-of-the-box summary of security, compliance, and evidence-based metrics is invaluable for the CxO. By showcasing the percentage of workloads protected with Secure Workload agent coverage on the license utilization chart and workspace policy coverage, SecOps can demonstrate tangible productivity gains to CxOs. Moreover, by quantifying the time savings in policy maintenance, SecOps, and Network Admins can provide CxOs with actionable analytics that illustrate the efficiency and effectiveness of their microsegmentation strategy.

This data-driven approach empowers CxOs to make informed decisions and strategically channel investments to optimize their company’s security posture.

Empower NetOps

NetOps enjoys enhanced visibility with the Reporting Dashboard, which provides a consolidated view of deployed agents and other assets. This allows NetOps to quickly identify and address agent issues, ensuring seamless operation of critical assets.

Policy Compliance is simplified through a single, unified view that highlights workspaces without enforcement and identifies policy discrepancies, and policy sync issues. This streamlined approach aids NetOps in ensuring policy compliance.

Insights from the Cluster Summary enable NetOps to establish retention policies for regulatory compliance and mitigate the risk of unauthorized access, while the Telemetry Summary provides a comprehensive view of telemetry sources and their health status enabling NetOps to swiftly identify and resolve issues.

The effectiveness of the ‘Telemetry Summary’ was validated when a customer shared their feedback –  “I like this quick viewpoint which should help troubleshoot duplicates.”​

Stay Compliant: Cisco Secure Workload Introduces State-of-the-art, Persona-based Reporting
Telemetry Summary section highlighting Inventory issues for NetOps

Elevate SecOps Productivity

◉ Prioritizing CVEs alleviates the challenge of CVE prioritization as shown in the image below.
◉ Providing workload summaries with enforcement status, enabling seamless policy enforcement assessment.

Stay Compliant: Cisco Secure Workload Introduces State-of-the-art, Persona-based Reporting
CVE Prioritization

Equipped with predefined rules and MITRE TTPs, CSW agents can detect suspicious application behavior with precision. Reporting Dashboard complements these capabilities by providing users with a brand-new intuitive experience.


Saturday 15 June 2024

Bolster SaaS Security Posture Management with Zero Trust Architecture

Bolster SaaS Security Posture Management with Zero Trust Architecture

According to AppOmni’s 2023 State of SaaS Security report, 79% of organizations reported a SaaS security incident during the preceding 12-month period. As enterprises incrementally store and process more sensitive data in SaaS applications, it is no surprise that the security of these applications has come into greater focus. Security Service Edge (SSE) solutions with Zero Trust Network Access (ZTNA) are a common way to securely connect the hybrid workforce to cloud applications.

Bolster SaaS Security Posture Management with Zero Trust Architecture
Changes in the workplace, employee preferences, external users, and customer services have made remote access to cloud applications outside the corporate network or VPN commonplace. Simultaneously, changes in SaaS usage and data with access by both human and machine identities, new compliance requirements, and cloud-to-cloud connectivity between SaaS applications have created new risks that security teams need to address.

This article describes how Cisco and AppOmni have teamed to extend zero trust principles to secure SaaS applications and data with a closed loop zero trust architecture.

Introducing Zero Trust Posture Management

The myriad SaaS applications used by today’s organizations are procured, configured, and managed by multiple departmental owners or business units with little or no visibility to security teams. Nearly all SaaS breaches involve some violation of implicit trust models — for example, a user in a sales operation role can grant Salesforce access to guest users; a test user is able to create new users and grant them new privileges. These scenarios are all too common with how SaaS applications and users are set up.

Zero-trust architectures are built by granting explicit trust that is continuously assessed based on identity and contextual risks. If such zero-trust principles can be extended to SaaS applications, policies would be designed, maintained, and monitored such that SaaS identities would never be implicitly trusted and always verified regardless of the location of the user. This zero-trust model for SaaS needs to be implemented using the just-in-time context of the application, data access, users, behavior, and events. It should be able to work together with the ZTNA controls to give security teams better mechanisms to prevent, detect, and react to attackers at the application level. These capabilities are collectively called Zero Trust Posture Management (ZTPM) for SaaS applications.

Cisco Secure Access and AppOmni SaaS Security Platform

Cisco Secure Access provides a robust, cloud-delivered SSE solution that is grounded in zero trust and delivers protected access from any user to any application. Cisco Secure Access simplifies IT operations through a single, cloud-managed console, unified client, centralized policy creation, and aggregated reporting. Extensive security capabilities are converged in one solution (ZTNA, secure web gateway, cloud access security broker, firewall as a service, DNS-layer security, remote browser isolation, and more) to mitigate risk by applying zero trust principles and to enforce granular security policies.

As a complement to Cisco’s zero trust access approach, AppOmni has implemented ZTPM principles to fill a critical void in traditional zero trust implementations by securing the application layer regardless of access location with unparalleled visibility into configurations, security postures, SaaS identities (human and machine), and user behaviors within SaaS applications. It ensures that the principles of zero trust are embedded deeply within the applications that manage and process vital business data.

Closed-Loop Zero Trust Implementation with Cisco and AppOmni

Bolster SaaS Security Posture Management with Zero Trust Architecture

How ZTPM Complements ZTNA

While Cisco Secure Access provides seamless and managed access to internal and external applications based on identity and device posture, AppOmni extends this security through the application layer.

Cisco Secure Access delivers:

  • Secure access to all applications including those involving non-standard protocols as well as those based on multi-channel and client-to-client architectures
  • A single unified management console across all security modules
  • Comprehensive ‘best-of-breed’ security capabilities, consistent rulesets, and entails a minimal learning curve
  • Resilient cloud-native architecture with extensive end-user count scalability, efficient single-pass processing for faster responses
  • Automatic load distribution and rebalancing of traffic fosters better performance

AppOmni ZTPM capabilities include:

  • Visibility into data access configuration and least privilege within SaaS applications
  • Security coverage for all SaaS identities (human and machine) i.e. external users, anonymous/ guest-users, and third party or cloud-to-cloud applications
  • Application and identity-aware threat detection to monitor user behavior of internal and external users
  • Continuous security of application posture, configuration drift, and critical application components of SaaS applications
  • Identify and mitigate misconfigurations such as side-loaded accounts or misconfigured Single Sign On (SSO) that may allow bypassing of ZTNA controls and protect your users from password attacks and account compromise

Continuous visibility into app configurations and activities enables a critical feedback loop in a zero-trust architecture. This approach uses a user’s permissions, data access entitlements, and behaviors to dynamically adjust security measures or to terminate access based on suspicious activities.

Additionally, AppOmni enhances the integrity of the ZTNA capabilities provided by Cisco Secure Access by identifying potential application misconfigurations that could lead to bypassing ZTNA controls. By implementing zero trust principles across their applications, customers can detect unmanaged accounts, inadequate IP restrictions, and other security vulnerabilities. Such proactive identification helps user and access settings from undermining ZTNA protections, thereby safeguarding users and data against phishing and other attacks.


Thursday 13 June 2024

Cisco Simplifies Cloud Security with AWS Cloud WAN Service Insertion

Cisco Simplifies Cloud Security with AWS Cloud WAN Service Insertion

In conversations with customers about cloud infrastructure, I routinely hear two challenges when it comes to scaling their cloud deployments, these challenges include:

  • Achieving secure connectivity across clouds, virtual private clouds (VPCs), regions, and on-premises networks
  • Ensuring security is baked into the network architecture from the start.

As customers grow their cloud environment, the increasing number of VPCs and regions leads to a complex mesh of connections to ensure their applications and users can access the applications they need, regardless of on-premises or in the cloud. These interwoven spiderwebs of connections make it difficult for IT teams to properly establish secure connectivity throughout the infrastructure which increases management complexity and hinders scale. Because of the challenges organizations face in multi-VPC and multi-region deployments, customers are increasingly transitioning to cloud wide area networks (WAN) services, driven by the desire to centralize and streamline how they manage their network topology and security.

AWS Cloud WAN simplifies how customers build, manage, and monitor their WANs by automating the connectivity between branch offices, data centers, VPCs through automation and a rich dashboard. Customers can use network policies to automate network management and security tasks from a single place eliminating the need to create the complex mesh of traditional VPC peering. Recently, Amazon Web Services (AWS) enhanced AWS Cloud WAN to simplify inserting security services or VPC into these connections. This feature enables customers to integrate their Cisco security services into their network with AWS Cloud WAN, significantly simplifying how they add security into their network.

With the release of AWS’ service insertion feature as part of Cloud WAN, I am pleased to announce Cisco Secure Firewall Threat Defense Virtual and Cisco Multicloud Defense support for AWS Cloud WAN. With this support, customers can seamlessly integrate Cisco cloud firewalls into their Cloud WAN managed network topology, eliminating the need for complicated routing configurations to ensure the security of their environment. Instead, they can route traffic to their Cisco cloud firewall using the AWS Management Console or API.

Cisco’s cloud firewalls

Cisco provides two best-in-class solutions to help customers secure their cloud environments:

  • Cisco Secure Firewall Threat Defense Virtual (formerly FTDv) is the virtualized option of the Secure Firewall Threat Defense solution, enabling you to extend your network security capabilities from on-premises into the cloud, gaining a complete view of your network environment.
  • Cisco Multicloud Defense is a cloud-native security-as-a-service offering that automatically scales to secure your cloud applications wherever they’re deployed. Multicloud Defense offers the same infrastructure automation that you expect from a cloud service, making your security as easy to deploy as your application is.

Benefits of Cisco cloud firewalls with Cloud WAN

Utilizing Cisco cloud firewalls in conjunction with AWS Cloud WAN to enhance the protection of global network traffic offers customers significant operational benefits, including:

  • Unified Infrastructure for Security and Global Networking: AWS Cloud WAN offers a unified infrastructure designed for extensive AWS deployments worldwide. The integration of Cisco’s cloud firewalls with AWS Cloud WAN equips organizations with superior security measures for protecting traffic within regions, between regions, and from on-premises networks to cloud environments.
  • Simplified Multi-Regional Security Deployment: Many enterprises utilizing AWS Cloud WAN establish multi-regional networks to facilitate regional growth or implement disaster recovery strategies. The new service insertion feature streamlines the deployment across multiple regions, enabling straightforward traffic routing for both intra- and inter-regional flows through the security infrastructure, thereby eliminating the complexity associated with intricate multi-regional network arrangements.
  • Seamless integration: Customers often need inter-VPC, VPC-to-internet, or on-premises-to-VPC traffic inspected. With Cisco’s cloud firewalls supporting AWS Cloud WAN Services Insertion, customers can easily steer network traffic for inspection without creating and managing complex routing configurations.
  • Ease of management: Customers are constantly looking to simplify operational complexities. Cisco’s cloud firewall does all the heavy lifting in deployment and management, allowing customers to focus on their business priorities.

Cisco Simplifies Cloud Security with AWS Cloud WAN Service Insertion
Figure 1: Multicloud defense architecture in Cloud WAN

Cisco Cloud Firewall with AWS Cloud WAN

Because Cloud WAN operates globally, the best practice is to deploy your Cisco cloud firewalls within the same AWS regions as your application. This ensures that there aren’t any single region dependencies, latency, or bandwidth challenges when securing your network connectivity.

Wrap up

We’re excited for customers to take advantage of this new capability from Cisco and AWS, enabling them to simplify how they secure their increasingly complex cloud deployments.