We tell you about the philosophy of the new declination of "distributed" security.
The advantages of the Cisco solution.
The world of IT has always been the forerunner of all the socio-economic changes that run through modern society: by its very nature, it must constantly adapt to and anticipate all the new trends and needs with which the globalized world forces us to deal.
Events such as the “Covid-19” pandemic have accelerated certain technological processes by determining new work and organizational paradigms, shifting activities toward so-called “agile” work.
“Work anywhere” has led to new issues, and companies have found themselves facing new security challenges and having to rethink their network infrastructure models. It is in this scenario that the need has arisen for companies to change their information systems to include more and more Cloud-based services to manage their operations. This new scenario has led to the need to rethink their security systems. In an increasingly “cloudized” technological environment and an increasingly distributed work environment, the traditional concept of a security perimeter has now disappeared, and it is therefore necessary to change the defensive strategy.
What is changing, then, is the very model of enterprise networks: a “hub and spoke” network model is being abandoned, landing on the “user centric” model. The loss of centrality by Data Centers in the delivery of services to enterprise users has shifted the point of application of security policies; if in the past the primary objective was the defense of information “stored” in data centers, today the need is to keep safe data that is distributed i.e., that may be in different places. Such an increase in security attentions using a “traditional” approach would result, on the one hand, in an exponential growth in the costs that companies would have to incur to implement them, and on the other hand, in an increase in the complexity of network infrastructures resulting in inefficiency, performance problems, loss of productivity, and user frustration.
In a scenario of hybrid and distributed IT infrastructures, integrated and dynamic yet effective and efficient cybersecurity is needed more than ever. Here, adopting a Secure Access Service Edge (SASE) architecture to ensure monitoring from digital threats, protection of data in motion, and security in access proves to be the new frontier of data security and could be the industry’s Copernican revolution.
The SASE model combines network and security functions in the cloud to provide secure access to applications wherever users work. A SASE solution can protect users from any location or device as they access the Internet, SaaS apps, and private apps, while providing a secure SD-WAN structure across disparate connections and centralized, simplified management.
Unifying network and security enables SASE to accelerate end-user performance by enabling direct-to-cloud connections instead of backhauling traffic through a central data center for inspection. On the other hand, unified security services promote an easier user experience for employees interacting with the applications they need to do their jobs.
A key element of the SASE approach is the implementation of the “Zero Trust” model. With this approach, the assumption that everything within the network is considered secure is overturned: Zero Trust Network Access (ZTNA) security considers everything a threat unless it is authenticated and validated continuously.
Cisco offers a full suite of services to implement SASE architectures with performance above competitors, even Gartner places Cisco as a leader, of solution and technology in the magic quadrant.
Depending on the “degree” of SASE implementation in an enterprise network, it is possible to choose between unified turnkey solutions or to choose individual services to be implemented within the network.
Cisco+ Secure Connect is Cisco’s solution for a unified SASE solution, and designed for organizations looking to simplify network and security operations as they move toward a cloudfirst approach.
In the galaxy of services that Cisco offers in its implementation SASE plays a central role
Cisco Umbrella: the Security Service Edge (SSE) service that unifies multiple security functions into a single cloud-based console.
Among its main functions are:
- Secure Web Gateway (SWG): cloud-based proxy that can log and inspect all web traffic for greater transparency, control and protection.
- Cloud Access Security Broker (CASB): helps to unmask shadow IT by detecting and reporting cloud applications in use, prevents data loss (DLP) by preventing sensitive data from leaving the organization and being stored in the cloud, detects and removes malware in the cloud and can ensure that applications remain malware-free, monitors SaaS (Software-as-a-Service) application instances that can be accessed by all users or specific groups/individuals.
- DNS-level security: Cisco Umbrella blocks requests to malicious and unwanted destinations before a connection is even established, blocking threats on any port or protocol before they reach the network or endpoints. As a service delivered via the cloud, Umbrella provides the visibility needed to protect Internet access on all network devices, office locations and roaming users.
- Firewall as a service (FWaaS): all activity is logged and unwanted traffic is blocked using IP, port, and application rules via protection Layer 3/4 in addition to Layer 7 application visibility and control. To forward traffic, simply configure an IPsec tunnel from any network device, and management is handled through the Umbrella dashboard.
- Interactive Threat Intelligence: Umbrella makes use of Cisco Talos, a system that creates and manages dozens of models to continuously analyze millions of live events per second and develops learning models that automatically classify and score domains and IPs.
Cisco provides extensive integration between Cisco Umbrella and Cisco SD-WAN ensuring automation that enables security administrators to quickly and easily infuse effective cloud security throughout the SD-Fabric WAN to protect branch offices and roaming users.
Cisco’s approach to SASE leverages a cloud-scale SD-WAN architecture designed to meet the complex needs of modern WANs in three key areas:
- Advanced application optimization that delivers a predictable application experience as the enterprise application strategy evolves.
- Layered security that offers the flexibility to deploy the right security in the right place, whether on-premises or in the cloud.
- Enterprise-scale simplicity that enables end-to-end policies from user to application across thousands of sites.
Cisco’s full portfolio of security services is integrated into the Cisco SecureX platform, which also includes third-party tools and data from all security solutions for better intelligence and faster response times. With SecureX, you can immediately visualize threats and their organizational impact and get an immediate verdict for the observables you are analyzing through a visually intuitive relationship graph. The system allows you to triage, prioritize, track, and respond to high-fidelity alerts through the built-in incident manager. Rapid response actions can then be taken across multiple security products: isolating hosts, blocking files and domains, and blocking IP, all from a single interface.
IT Centric is a Cisco partner, recognized by the global giant as an added value to the implementation of Cisco technologies in complex and non-standard areas, receiving, in October 2021, the certificate of “Cisco Security Specialized Partner”.
IT Centric operates in the ICT, Cybersecurity and Networking sector with solution designs, implements and manages cutting-edge IT solutions thanks to its expertise in Networking, Cybersecurity, Unified Communications & Collaboration, Cloud & Data Center, Engineering, R&D. The company’s goal is to meet the demands of organizations in complex and articulated scenarios, guaranteeing the highest technological standards while respecting privacy and data protection.
