coc-security

August 3, 2015

INSIDE CISCO IT

Government, Trust, & Technology Services, Cisco SourceFire, and Contextual Network Awareness: A Proactive Approach …

One of the hardest things for a company to do is to embrace new technology and manage it in line with company policy. At most organizations, users are generally told not to access certain company data on certain devices, but they go around security controls because efficiency and convenience outweig…

October 1, 2014

INSIDE CISCO IT

Leverage Those APIs

Cisco IT has always strived to improve the user experience.  It is often overlooked in some IT organizations, but Cisco IT has service managers who are held accountable for the feedback they get for their service sectors.  This focus on how we perform means we are constantly pushed to improve how us…

September 10, 2014

INSIDE CISCO IT

Addressing Cyber-Security Challenges of Today and Tomorrow

Did you know that Cisco detects over 1.5 million intrusion attempts on Cisco’s network every day? With more than 13 billion NetFlow records captured daily, over 22 Terabytes of traffic inspected, and 750 Gigabyte of system logs collected on a daily basis, it’s changing the landscape for how to…

August 20, 2014

INSIDE CISCO IT

The Evolution of Guest Networking

As I’ve described in my previous blogs and documents, the first capability deployed by Cisco IT for Identity Services Engine (ISE) is guest networking. Guest networking replaced an older existing solution, referred to internally as NextGen Guest Networking (NGGN). NGGN relied on about 12 serve…

July 9, 2014

INSIDE CISCO IT

Cisco IT’s Identity Services Engine Deployment: Project Planning, Personnel, and Progress

Several customers have asked me how Cisco IT does project planning for a large enterprise deployment such as the Identity Services Engine, or ISE. What’s our approach? How do we manage operational costs? How do we measure performance? What personnel are involved throughout the process? //…

April 23, 2014

INSIDE CISCO IT

Cisco IT’s Identity Services Engine Deployment: Cluster and Server Sizing

When sizing clusters for devices in our Identity Services Engine (ISE) deployment, Cisco IT uses a “3+1” formula: For every person we assume three devices (laptop, smartphone, and a tablet) plus one device in the background (security camera, printer, network access device, etc.). In a company the si…

March 5, 2014

INSIDE CISCO IT

Cisco IT’s Identity Services Engine Deployment: First Capabilities to Roll Out

Cisco IT is deploying Identity Services Engine (ISE) globally. ISE is a security policy management and control platform that automates and simplifies access control and security compliance for wired, wireless, and VPN connectivity. We’re running ISE 1.2 Patch 3 globally and evaluating Patch 5 for it…