I have been traveling to Barcelona for many years to attend Mobile World Congress, and it was great to see the Fira come alive once again as we returned to take part in Cisco’s world-renowned customer and partner conference, Cisco Live.
Being able to attend the show this year, after adding so many Cisco related features to the AlgoSec solution – especially for ACI and Firepower – in addition to being included in Cisco’s Global Price List (GPL) made it even more special. It provided us with an opportunity to talk to so many professionals from this technology giant, as well as meeting many of our mutual customers.
I wanted to share some of the network security insights I learned over the week-long conference, including recent thoughts that have come from those discussions.
In the past this was a trend reserved for the selected few, but now more and more organizations are following this paradigm. This provides great value – a flatter network, greater segmentation and improved security.
It is something that AlgoSec and Cisco share a vision on; an application centric network design, using Cisco ACI as a flexible overlay fabric and AlgoSec business driven security policy management to bridge application connectivity to the entire hybrid network, and across the variety of different security devices.
Designing your application-centric model is not trivial. ACI lets you do pretty much everything, but the way you design your model can make the difference between a clear, manageable operation and a messy setup with many exceptions. Architects must make sure their common services are in a shared tenant, decide if they want to separate tenants based on business units or production environment vs. stage, or any other model. Once a decision is made it is important to be consistent.
Almost any customer I met at the show has something going in the cloud, most frequently over several cloud networks. Being able to see one application diagram with assets on-prem and in the cloud – presenting application flows and correlating all that to the underlying firewalls, SDN fabric and cloud security groups rules – seems like a holy grail to some audiences. For us, it’s the outcome of a long journey and a clear vision.
Cisco not only provides clear APIs for its products, but they dedicated a huge hall at Cisco Live! to educate and train developers with the goal to automate network changes. Similarly, the need to automate network security changes is clear, and while it is often not a priority for businesses at first, there has been a shift in understanding the essential role it plays.
When speaking to attendees at the show, it became clear that some considered building an in-house automation tool for their firewalls; something that would be incredibly complex. However, after seeing our solution – with the amount of logic included in network modeling, what-if risk analysis and smart policy design – they soon understood it would not be a worthwhile task when there is a high standard solution already available on the market.
The whole team had a fantastic time at the conference, and we look forward to attending more events with Cisco in 2020.
Receive notifications of new posts by email.