Jan. 2019

2019 brings an intensification of cyber threats, which is why Datanet Systems organized a workshop for its business partners dedicated to Cisco security solutions as well as SD-WAN technologies. The seminar aimed to demonstrate that security and networking should be approached as a unitary concept, and that implementation efforts should be correlated. The event took place on January 22 at Hotel Epoque, and the agenda included a generic exposure to Cisco’s portfolio on cybersecurity, with detailed approaches for Cisco Umbrella and Stealthwatch products, as well as a review of the Cisco SD-WAN solution. The presentations were held by a joint Cisco-Datanet Systems team consisting of Ioana Manea, System Engineer and Ovidiu Neghină, Cybersecurity Sales Specialist at Cisco Romania and Costin Deac and George Ioniţă, Consultants within Datanet Systems.

Cisco, the best integrated cyber-security portfolio

One of the key messages delivered was that Cisco became the company with the best integrated portfolio of cybersecurity products and solutions. The current offer has been shaped both by developing products in-house and by acquiring some of the best performing technologies on the market. Cisco’s approach is to follow the widespread fragmentation of the security industry, with 25% of companies getting to own and operate 11 to 20 products and solutions. The presentation highlighted not only the newest products in Cisco’s portfolio, but especially the added value that an architecture-level approach brings as opposed to a product-level approach.

Tracing an integrated security architecture is, from a Cisco-Datanet perspective, the most efficient response to the current landscape of cybercrime. Thus, an extensive series of activities can be automated which will subsequently reduce reaction time to attacks and threats, reduce the effort made to remedy them and reduce operational costs by optimizing the use of licenses required. Cisco believes that only 26% of security issues can be solved through technological approaches. For the remaining 76%, human resources, methodology, rules, policies, etc. are needed.

Visibility and control with Cisco Stealthwatch

In the context of the current cyber landscape, the efficiency of security measures is directly proportional to the visibility over the IT environment. In order for organizations to be able to carry out their business as usual, IT departments must know the exact situation of each device, monitor traffic and conversations between them, understand what is normal and when atypical changes occur, have the ability to intervene in real time or extremely fast. These are the promises of Cisco Stealthwatch, a solution that offers complete visibility over the network and security analyzes, combining the features of Advanced Threat Detection, Network Segmentation and Accelerated Threat Response. For Cisco, the network is the most valuable data source. Thus, by analyzing traffic meta data, Stealthwatch establishes a series of patterns, based on which the abnormal network behaviors that can signal an attack can be detected. To achieve this, the Cisco solution collects and processes information from various sources (up to 50,000 sources: controllers, switches, routers, firewalls, devices, etc.). Cisco Stealthwatch is the only solution that provides visibility and anti-malware protection without decrypting traffic.

Cisco Umbrella, the first level of online protection

Delivered as a Cloud service, Umbrella blocks threats before they affect endpoints and / or enter the network. The solution ensures visibility on the activities carried out on the Internet, regardless of where the users are located and the type of devices they use. Umbrella analyzes DNS requests, determines if the requests are secure, and if they are dangerous, blocks them from the start. Potentially risky addresses are analyzed in the Proxy service provided by Cisco in the Cloud and, if they present infection risks, are blocked for all Umbrella users. If a compromised domain is accessed before blocking, Umbrella identifies the users who accessed it, automatically quarantines it, and the address is blacklisted.

Software Defined WAN

The second presentation of the day brought into discussion the Software Defined WAN concept, both in terms of common usage scenarios and the impact on security. SD-WAN is a relatively new approach to the market, but has a major impact on improving the performance of applications and the experience of cloud and Software as a Service users. At the same time, SD-WAN contributes to reducing the costs related to transfer autonomy at MPLS, 3G / 4G LT level and simplifying operations related to automation and management of cloud services. The speakers outlined an overview of the Cisco SD-WAN architecture, with references to control, zoning / segmentation functionalities, application of access policies, but also to the Cisco equipment available for branches, subsidiaries and collocation projects. Also, several real situations were presented together with the solutions proposed by Datanet specialists, from migrating a Data Center, to applying traffic routing policies and isolating visitors from employees on the company’s Wi-Fi network.

For more information about the products presented at the workshop contact us at office@datanets.ro.