Guest

Minimize Opex by Drawing Virtual Security Lines

Hariprasad Holla, Technical Marketing Engineer, Cisco Enterprise Security, Cisco India

The article was published in Infotech Lead

There is simply no denying the increasing importance of being connected. Generation Y in particular, who grew up with mobile devices affixed almost permanently to their hands, views connectivity as one of life’s fundamental resources. According to a Cisco connected World technology Report, Gen Y views Internet to be as essential as food, air and water. Gen Y would accept a lower-paying job that has more flexibility with regard to device choice, social media access, and mobility than a higher-paying job with less flexibility. This means that the workplace looks a lot different today, as the next generation of global workers enters the workplace with expectations and demands about how, when, and where they access information.

Organizations offering the ability to collaborate on any workspace and device of employees’ choice greatly increase their chances of attracting Generation Y talent and keep your business sustainable. This is also why most enterprises today are investing heavily into technologies like wireless and virtualization. Bring-your-own-device (BYOD) is becoming the norm and cloud computing inevitable. Such technological enhancements create a win-win situation, where in the employees get a rich user experience and the businesses reduce on capital and operational expenses.

With 117 Million smartphone users that grew 45% from last year, India stands third in the number of smartphone users worldwide. This number will only continue to increase in future. From Wi-Fi hotspots in the public areas to enterprise grade wireless solutions, the demand for personal device connectivity is on the rise. Several IT companies are offering employees freedom to buy the endpoint(device) of their choice, thereby greatly reducing the capital and operational expenses.

While the enterprises transition to this new model of operations which promotes a culture of rich user experience and high resource availability, the challenge is how to retain the security and confidentiality of the data that is being shared across these different platforms. Today the approach to secure information in transit needs to be multi-fold and include all aspects like who gets access to the network, what devices and where resources get accessed. To handle today’s security challenge we need to move away from point-in-time solutions, to an anytime, all the time, seamless approach.

First and foremost the security solution must ensure that it provides greater visibility in to the network. Having gained visibility, role based segmentation of the network can be done. Such isolations ensure that unauthorized access and the threat vector scope are reduced. In contrast to the traditional approach of perimeter security what we now need is a pervasive enforcement of the enterprise policies that ensure that there is multi-layer protection of critical resources. Real-time monitoring and intrusion prevention methodologies compliment the access control measures by securing the network from live attacks. A comprehensive security infrastructure must be available that can bring back the business to function quickly, in case of a compromise.

Solutions like Cisco TrustSec controlled by the Cisco’s Identity Services Engine (ISE) offers for context-aware policy definition and enforcement. The ISE authenticates and authorizes users and provides endpoint access to corporate resources based on a wide range of features including user role, device type, security posture, location, and a variety of other contextual information. Unlike the traditional model of VLAN based isolation and access controls with IP based policies, Cisco TrustSec employs a much efficient and secure alternative with Security Group Tags (SGT) based network segmentation and policy enforcement.

As networks transform to accommodate newer technological trends, enterprises must be equipped with the right tools to operate securely and cost effectively. Critical here is to ensure that resources minimize operational expenses by drawing virtual security lines.

Let Us Help