Cisco increases deeper visibility into threats on the network
The Internet of Things (IoT) market is expected to generate USD19 trillion in value to organisations over the next ten years, according to networking vendor, Cisco. But, unless the security industry gets a better handle of the fast evolving threat landscape and the multiple increase in attack surfaces, financial losses from attack and breaches may overtake what the IoT industry generates.
Cisco proposes a Security Everywhere vision, whereby enterprises and service providers would be able to manage security across their distributed organisations, via increasing threat visibility into their infrastructure.
This is enabled by the increasing openness of their system and a cross-architectural play according to Cisco Director of Product Management for Data Centre and Content, Munawar Hossain. “We are embedding APIs into all our systems and embedding security into everything that we do.”
For example, Cisco are now able to add more context to network traffic information by Cisco’s Identity Services Engine (ISE) and Netflow on Cisco UCS, using Lancope Stealthwatch’s anomaly detection capabilities. Enhancing threat visibility and faster threat identification plays into their strategy for the network to play a sensor role (Network as a Sensor).
The idea is to go beyond just mapping IP address to identifying threat vectors based on ISE’s context of who, what, where and how users and devices are connected and accessing network resources.
They complement this with the network’s role as an enforcer of policy, which has the objective of shrinking the attack surface via software-defined network segmentation.
Hossain explained that the ability to ‘sandbox’ part of the network that has been compromised, is based on VMware NSX’s micro segmentation technology, although when the capability is extended into a containerised environment, it becomes independent of VMware’s tech.