AlgoBuzz Blog

Everything you ever wanted to know about security policy management, and much more.

Search
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt
Search in comments
Filter by Custom Post Type
Posts

Automation and security beyond the data center – my impressions from CiscoLive! Barcelona

by

I recently attended CiscoLive! 2018 in Barcelona. It was a great opportunity to see Cisco’s latest innovations in networking and data center solutions, and with over 700 conference sessions during the 4-day event, there was no shortage of interesting material about how networks are being reinvented and transformed.

A major focus of the show was on Cisco’s industry leading intent-based networking (IBN) portfolio, which is driving a fundamental shift away from the traditional manual, time-consuming methods for managing networks.  IBN enables companies to capture and translate their business intent into network policies, and automatically activate those policies across their infrastructure.

One of the event’s key announcements was for new assurance capabilities for IBN, which enables IT teams to continuously verify their network is operating as intended, even during dynamic changes.

Cisco described this as the final piece of its intent-based networking vision: its ACI SDN and Tetration Analytics solutions are used to ‘write’ the intent, translate it into policies, and activate those policies across the network’s infrastructure; and the new Network Assurance Engine predicts the impact of planned changes, analyzes and verifies network behavior, and ensures the policies comply with business needs.  The result is that customers can build and manage agile, secure next-generation data centers.

Automation and security beyond the data center

However, today’s enterprises have complex, hybrid environments that go beyond the data center perimeter. This makes both security and compliance management challenging, because the IT management and automation processes must cover the entire heterogeneous network, including all security devices and policies (whether in the data center, at its perimeter, across on-premise networks or in the cloud) to enable true agility without compromising protection.

To show how enterprises can meet the challenges of automating security in their heterogenous Cisco environments, I gave a joint presentation with Cisco’s Yogesh Kaushik, Senior Director, Product Management for Cisco Tetration and Douglas Hurd, Cisco Security, Technical Alliances, at the conference.

The session highlighted the benefits of integrating AlgoSec’s solution with the rich capabilities of Cisco ACI and Tetration Analytics, and showed how customers can use AlgoSec to build a physical and logical network map of their entire network estate, including all security devices from multiple vendors.  Then, through integration with Tetration Analytics, IT teams can discover and map application flows, automate security policy changes end-to-end, ensure compliance, and assess and prioritize risk across their estates.

Both AlgoSec’s and Cisco’s solutions share a similar approach of focusing on application and security policies, providing automation and supporting agile application delivery for enterprises.  By integrating with AlgoSec, ACI users can extend their visibility and policy change automation to the entire network – both inside and outside the data center.

The integration creates a single source of truth for application connectivity policies across all network environments, and helps eliminate inconsistencies and tedious troubleshooting, and supports continuous compliance with a fully-documented audit trail of every change.

With AlgoSec and Cisco both taking application-centric approaches to security policy management, our integration aligns closely with each companies’ strategies and will benefit our mutual enterprise customers – enabling them to accelerate their data center application deployments, and manage security holistically across their entire heterogeneous network environment.

Subscribe to Blog

Receive notifications of new posts by email.