coc-security

One of the hardest things for a company to do is to embrace new technology and manage it in line with company policy. At most organizations, users are generally told not to access certain company data on certain devices, but they go around security controls because efficiency and convenience outweig…

Cisco IT has always strived to improve the user experience.  It is often overlooked in some IT organizations, but Cisco IT has service managers who are held accountable for the feedback they get for their service sectors.  This focus on how we perform means we are constantly pushed to improve how us…

Did you know that Cisco detects over 1.5 million intrusion attempts on Cisco’s network every day? With more than 13 billion NetFlow records captured daily, over 22 Terabytes of traffic inspected, and 750 Gigabyte of system logs collected on a daily basis, it’s changing the landscape for how to…

As I’ve described in my previous blogs and documents, the first capability deployed by Cisco IT for Identity Services Engine (ISE) is guest networking. Guest networking replaced an older existing solution, referred to internally as NextGen Guest Networking (NGGN). NGGN relied on about 12 serve…

Several customers have asked me how Cisco IT does project planning for a large enterprise deployment such as the Identity Services Engine, or ISE. What’s our approach? How do we manage operational costs? How do we measure performance? What personnel are involved throughout the process? //…

When sizing clusters for devices in our Identity Services Engine (ISE) deployment, Cisco IT uses a “3+1” formula: For every person we assume three devices (laptop, smartphone, and a tablet) plus one device in the background (security camera, printer, network access device, etc.). In a company the si…

Cisco IT is deploying Identity Services Engine (ISE) globally. ISE is a security policy management and control platform that automates and simplifies access control and security compliance for wired, wireless, and VPN connectivity. We’re running ISE 1.2 Patch 3 globally and evaluating Patch 5 for it…