Cisco’s Borderless Network Architecture Vision and Strategy

© 2011 Cisco and/or its affiliates. All rights reserved. 1CISCO CONFIDENTIAL INTERNAL USE ONLY

Cisco’sBorderless Network Architecture Vision and Strategy

July 2012


AgendaWhy Borderless Network Architecture?

Closing

Why Architectures?

What can a Borderless Network Architecture do for you?


Drive BusinessTransformation

Enable ITEffectiveness

Empowerthe User

What Do Enterprises Want to Achieve?

User Experience, Innovation, Productivity,

Efficiency

New Business Models, Revenue Streams & Market Opportunities

Total Cost of Ownership, Risk Mitigation, E2E Security, Investment

Protection


Enterprise Megatrends

MOBILITYBYOD

CLOUDSaaS | DC / VTHE NETWORK

IMMERSIVECOLLABORATIONPervasive Video

COST CONTROL, TCO, Operational Efficiency

IT EFFECTIVENESS, Service and Network Management

SECURITY, Accelerating Cyber-Threats

$


CLOUDSaaS | DC / V

MOBILITYBYOD

IMMERSIVECOLLABORATIONPervasive VideoCisco’s Architectural Approach

Data Center/Virtualization

Collaboration

Borderless Networks


Borderless Networks

Network Implications: Shifting Borders

IT Consumerization

Device Border

Mobile Worker

Location Border

Video/Cloud

IaaS,SaaS

Application Border

External-FacingApplications

Internal Applications


ScalabilityAvailability

Performance Security

and Manageability

Across Non-IT-

ControlledEnvironments

Before: Linear

Scalability

Availability

Performance

Security

Manageability

Cost of Ownership

Now: Multidimensional

Application

Same Challenges: Increasing Complexity

Device

Location


BYOD Desktop Virtualization

Pervasive Video

Remote Expert

Cloud Computing

IT/OT Convergence

Key ITInitiatives

Man

agem

ent P

R

I

M

E

Focus Moves to Key System Pillars Addressing Customer Pain Points

Network and End-Point Services

EnergyWiseEnergy

Management

TrustSecPolicy

Enforcement

App VelocityApp

Performance

MedianetMultimedia

Optimization

Technology Innovation

Wireless Routing SwitchingApplicationNetworking/Optimization

SecurityAppliance

and Firewall

Systems Excellence

SecureX

Unified AccessCloud Intelligent

NetworksConnected Industries

Borderless Networks 2.0

SecureX

Unified Access Cloud IntelligentNetworks

Connected Industries




Pervasive Video

Remote Expert

Cloud Computing

IT/OT Convergence

Key ITInitiatives

Man

agem

ent P

R

I

M

E


Systems Excellence

SecureX




EnergyWiseEnergy

Management

TrustSecPolicy

Enforcement

App VelocityApp

Performance

MedianetMultimedia

Optimization



SecurityAppliance

and Firewall


Enabled by:Borderless Network Architecture

Multi-purpose: Energy Management, Building Control, Physical Security, Asset Tracking, etc.

Integrated Security from Premise to the Cloud

Application and Endpoint Intelligence with Policy, Optimization, and location-awareness

Media Aware Control to Support Voice/Video Integration

Standards + Innovations Driving Standards

Enabled by:‘Good Enough’ Network

Single Purpose

Security as a Bolt-On

Application and Endpoint Ignorant

Basic QoS

Standards-Based

Which Workspace Will Your Customer Deliver?

Traditional Workspace Next-Generation Workspace

Data Voice AnyDevice

ImmersiveCollaboration

VirtualDesktop

Mobile


TIME

The Post PC Era Is Here

Any Place, Any Time

B e n e f i t s

Improved Productivity

Cost Control

Today 56% of US workers are located outside of an office (Forrester)

From 2010 to 2011 there was a 30% increase in # of Consumer devices accessing business applications (IDC)

By 2015, 90% of businesses will allow personal devices for work use (Gartner)

By 2015, 802.11n and 802.11ac Wi-Fi technology will dominate the wireless market (ABI Research)

Wi-Fi is may become the primary means by which wireless data is consumed on smart phones (The Guardian)


The Post PC Era Is Here

Technical Risk• Difficult to secure and control• How do you know user devices haven’t

been compromised already?• Malware• Access control breach• Oversubscribed Infrastructure Source: 2011 ISACA IT Risk/Reward Barometer, US

Edition (www.isaca.org/risk-reward-barometer)

Business Risk• Intellectual Property vulnerability• Data loss from stolen or lost devices• Privacy rights (Personal vs Corporate

Owned)• Frequently Traded in and traded up• Challenges tracking compliance

…but, BYOD Brings Great Risk


BYOD Starts with a Business Decision:Who Should Have Access?

The BYOD Access SpectrumBasic

• Internet Access• Guest Networks• Education

Limited Access• Classified

Networks• Compliance

Issues• Critical

information

Enhanced• User needs

workspace access to application plus confidential information based on location

Advanced• User needs full

workspace regardless of location

• IT needs to control and manage data


VPN WIRELESSWIRED

Unified Access


Good

MDMManage

r

AnyConnect VPN

Cisco WLAN

Controller

PrimeNCS

Wired Network Devices

Unified AccessIntegrates Wired+Wireless+VPN together simply and securely with scale

CiscoCatalystSwitches

Identity Services Engine


Cisco ISEIdentity Services

Engine

Simplified Policy

Management

Unified AccessPolicy Management - A System to Implement Technical Policy

Authentication Services

I want to allow the “right” users and

devices on my network

Authorization Services

I want user and devices to receive appropriate

network services

Guest Lifecycle Management

I want to allow guests into the network

Profiling Services

I need to allow/deny iPADs in my network

(BYOD)

ProvisioningServices

I want to allow the “right” users and

devices on my network

Security Group Access Management

I need a scalable way of authorizing users or devices in the network


Source Group Access

Unified Access – Policy EnforcementExceptional Control Through the Network – TrustSec

Unrestricted for Employees/Partner

s

Employee

Partner

GuestInternet

Group users independent of IP address and location

Packets are “tagged” based on user role and context

Scalable and simplified management with a single policy per group

Scalable Enforcement independent of network topology

The Solution

Deployment Scenario with Security Group Access (SGA)


Unmanaged Devices, Risk ofData Loss, and Lack of Access

Unified Access – Securing Client MobilityNext-Generation Security – AnyConnect

MOBILEEXECUTIVE

Secure Mobile Connectivity

Can Mobile Devices Access My Network Securely, Reliably and Seamlessly?

AcceptableUse

Access Control

Data Loss Prevention


Improved Network Visibility Faster Troubleshooting Eliminate Configuration Errors

Unified Access – Simplified Management Single Pane of Glass View and Management

• Converged Security and Policy Monitoring• Contextual status and monitoring dashboards

across wired and wireless networks

• Integration with Cisco NCS Prime

• Improves IT efficiency• Provides single view of all user access data• Advanced troubleshooting - Less time

and resources consumed

Converged Access Management for Wired and Wireless Networks Wireless | Wired | Security Policy | Network Services


Interference ProtectionDetect, Classify, Locate and Mitigate Interference Improving Network Reliability and Performance

Improved Client PerformanceBeam Forming = More Bars Everywhere and a Superior User Quality of Experience

Superior Video Quality Improves predictability and performance to deliver Wired-like video experience over Wireless

Unified AccessEnsuring Ubiquitous and High Quality Wireless

CleanAir

ClientLink

VideoStream

• Multicast to Unicast Conversion at the AP

• Selectable Stream Prioritization

• Resource Reservation Prevents Oversubscription

Air Quality Performance




Pervasive Video

Remote Expert

Cloud Computing

IT/OT Convergence

Key ITInitiatives



EnergyWiseEnergy

Management

TrustSecPolicy

Enforcement

App VelocityApp

Performance

MedianetMultimedia

Optimization



SecurityAppliance

and Firewall

Systems Excellence

SecureX


NetworksConnected IndustriesP

R

I

M

E

Man

agem

ent


The Big Issue in NetworkingDramatic Increase in Network demand

Bandwidth (Core CapNet)

GROWTH420%

58 Gbps

11 Gbps20112006

Video End Points

20112006

7,000

~500

GROWTH1,300%

Cisco Virtual Offfice Users/Routers

20112006

22,000

~1,500

GROWTH1,366%

Cisco IT Experience


Causes….Service Level Requirements

Source: Cisco Visual Networking Index 2011, The Strategic Network - Cisco, Forrester, 2010

Video will Quadruple all IP traffic by 2014

Latency and Jitter become critical factors in

deployment

High Definition Video drives large bandwidth increases

Video

56% of organizations want to virtualize the desktop

Availability requirements increase dramatically

The new workspace will increase WAN BW

significantly, including voice and video

Visibility and Control are greatly reduced

VDI

Cloud Technology will be used by 70% of Enterprises in 2012

More than 90% route public cloud traffic through the

central site

Cloud applications are bandwidth and delay

sensitive

Security and Availability become critical

Cloud


Cisco Cloud Intelligent NetworkNext Generation Enterprise WAN

Secure & Scalable Architecture

• Modularity to support continued growth

• Pervasive Security, including Cloud access

• Scale from regional to global networks

• High Availability to 6 9’s

Rich Network Services

• Medianet for Pervasive Video

• Application Performance enhanced user experience

• IPv6 for emerging markets and solutions

• PfR for availability and Application performance

Simplified Operation & Implementation

• Simplified deployment with validated designs

• Prime Management for ease of operations

Transform Enterprise WAN and Campus Core to support evolving Business Environments and Applications


Key ITInitiatives



EnergyWiseEnergy

Management

TrustSecPolicy

Enforcement

App VelocityApp

Performance

MedianetMultimedia

Optimization



SecurityAppliance

and Firewall

Systems Excellence

SecureX




P

R

I

M

E

Man

agem

ent

Desktop Virtualization

Pervasive Video

Remote Expert

Cloud Computing

IT/OT ConvergenceBYOD


CAPABILITIES

MARKETSEGMENT

FOCUS Process Mfg. Oil & Gas Transportation Discrete

ManufacturingMachine to

Machine

Ruggedized Wireless

Access Points

IndustrialSwitches

Industrial Security

Hardened Mobile M2M Gateway

Industrial Professional

Services


Today: Disparate, Unconnected Legacy Networks

CORE BUSINESS OPERATIONSIT

IP-Rich


Cisco - positioned to assist companies transform their business thanks to its holistic IT and OT focus

But Operational Technology Networks Are Moving

…to open systems and standard protocols

From proprietary operating systemsand protocols

…to integrated and connected information flow

From segmented and siloed data flow

…to converged, secure and collaborative operations

From disparate wired and wireless networks

Leveraging Core Cisco IT Capabilities to Assist theIndustrial World on Its Path to Convergence


IT and OT converge

Tomorrow: A Converged Network with Connected Devices

CORE BUSINESS OPERATIONSIT

The Network

+

IP-Rich


FROM TO

Piecemeal Designs# ! %

Coordinated Systems

Point Enforcement Unified Enforcement

Limited Foresight 360° Visibility & Control

Customer Tested Validated Designs

End-To-End SecurityNew Networks Require A New Approach


Compliance (GRC)

Services (TS, AS, Partner)

Network (Enforcement)

Distributed Workers & BYOD

Secure Unified Access

Protecting NetworkEdges

Threat Defense

SecuringCloud

Transition

Virtualization & Cloud

Application Visibility & Control

AuthorizingContentUsage

Threat Intelligence (Visibility)

Contextual Policy (Control)

SecureXAn integrated and holistic network-based security strategy


NETWORK

Embedding Security within the InfrastructureOffers Comprehensive Visibility and Scalable Enforcement

Enhances Security Greater Scalability Comprehensive Visibility Lower TCO

Threat Intelligence

Visibility

Enforcem

ent

Behavioral Analysis

EncryptionIdentity Awareness

Device Visibility Policy Enforcement

Access Control

Threat Defense

Sees All Traffic

Routes All RequestsSources All Data

Controls All Flows

Handles All Devices

Touches All UsersShapes All Streams

ESA ASA WSAAnyConnectScanSafe IPS

Contextual Policy


Borderless Network ArchitecturalFramework Benefits

In Closing…

Empower the UserUser Experience,

Innovation, Productivity, Efficiency

Drive Business Transformation

New Business models, Revenue streams & Market opportunities

Enable ITTotal Cost of ownership,

Risk Mitigation, Investment Protection


Thank you.


Innovation with Lower Costs

TCO Comparison

ArchitectureGood Enough

Up to-15%

CAPEX

Administration & Staffing

Energy Savings

Refresh Cycle


IPv6

The Evolution of the Network…the journey continues…

Millions

Billions

Trillions

1985 2020+


Network Trends Affect Security

MOBILITY

• BYOD - Anywhere• 3rd Party Applications• Policy Management• Mobile Data

THREATS

• Expanding Attack Surface• Increasing Sophistication• Everything Is A Target• Inverted Network Design

CLOUD

• Physical to Virtual• Virtual to Cloud• Cloud Applications• Changes Everything




Pervasive Video

Remote Expert

Cloud Computing

IT/OT Convergence

Key ITInitiatives



EnergyWiseEnergy

Management

TrustSecPolicy

Enforcement

App VelocityApp

Performance

MedianetMultimedia

Optimization



SecurityAppliance

and Firewall

Systems Excellence

SecureX


NetworksConnected IndustriesP

R

I

M

E

Man

agem

ent

Cisco’s Borderless Network Architecture Vision and Strategy

Documents

Transcript of Cisco’s Borderless Network Architecture Vision and Strategy