Category Archives: Security at Cisco Live

Your applications are on the move – how do you secure them everywhere?

The applications we need to do business are no longer just residing in a single, physical data center. Sure, there are some applications running in your on-premises data center. But some are also running in offsite data centers. Or in your private cloud. Or on Amazon Web Services. Many are likely moving in between these various platforms on a regular basis – for example, from on-prem to cloud, and back.

Recent research conducted as part of our CISO Benchmark Survey indicates that organizations are deploying roughly a third of their new technology via physical infrastructure, a third virtually, and another third in the cloud. So how do we effectively control and secure this new, dynamic environment without hindering productivity and user experience?

Moving Security Closer to the Application

Due to the shifts in the way organizations deploy and access applications, the concept of application security must expand. It’s no longer just about testing for software vulnerabilities (though, that is of course part of it). Today’s application security must be multi-faceted, taking into account concepts including visibility, segmentation, access control, performance monitoring, and more. Many of the security concepts already applied to the network must now also be applied directly to the applications themselves.

This week at Cisco Live, we are unveiling our new approach to this challenge, called Cisco Application-First Security.

Cisco Application-First Security for 360°Application Protection

Cisco Application-First Security is designed to leave no stone unturned when it comes to protecting an application. It combines several of our security products into one holistic solution for making sure applications are protected no matter where they go and how they are used. Application-First Security allows organizations to:

  1. See which applications are running and what they are doing – regardless of where they are – to baseline behaviors and uncover any software vulnerabilities or suspicious processes.
  2. Enable automated microsegmentation and application whitelisting to minimize the spread of attacks laterally throughout the data center and network.
  3. Enforce security policies at scale, for thousands of applications, and across hybrid, multi-cloud data centers – without impacting reliability and performance.

Cisco Application-First Security helps you secure your applications running anywhere at the speed of your business with protection that is continuous, adaptive, and closer to the applications. This Application-First Security model allows you to confidently move your business in any direction you demand with security being an enabler for your development teams. With greater insight and control over your applications, you are able to make intelligent decisions, achieve compliance, and reduce risk.

Our new Application-First Security solution consists of the following products:

Cisco Tetration

Cisco Tetration provides holistic workload protection for multi-cloud data centers. It automatically discovers and baselines application behaviors and dependencies, then generates policy for microsegmentation. Policies are enforced at scale, consistently across workloads. Tetration can also track behavior changes to keep the policy up to date as applications move and evolve.

The Tetration platform can also detect issues such as software vulnerabilities, process behavior anomalies, and malware. If issues are identified, it can proactively quarantine servers and block communication. Tetration enforces policy across thousands of applications and hundreds of millions of policy rules – and across bare metal servers, virtual machines, and containers.

Cisco Stealthwatch Cloud

Visibility into the rest of the network is just as critical as application visibility. Cisco Stealthwatch Cloud is a SaaS service that provides complete visibility into network and cloud traffic. It collects telemetry data across the entire network to automatically monitor traffic and identify anomalies that could signify risk – even in encrypted communications.

Stealthwatch can uncover both known and unknown, internal and external threats, improving incident detection and response. In addition to monitoring on-premises infrastructure and private clouds, Stealthwatch can monitor all public cloud environments including Amazon Web Services, Google Cloud Platform, and Microsoft Azure.

Duo Beyond

Duo Beyond from Duo Security (now a part of Cisco) allows you to: 1) identify corporate versus personal devices trying to connect to your environment, 2) block untrusted endpoints, and 3) give your users secure access to internal applications without using VPNs. Duo Beyond expands secure access past traditional, perimeter-based network security with the power to grant access to any application, to any user, from any device, while maintaining security.

With Duo Beyond, you can:

  • Differentiate between corporate and personal devices.
  • Limit sensitive data access to only corporate devices.
  • Limit remote access to specific applications without exposing the network.



Security and performance go hand in hand. It’s crucial to verify that thorough security measures do not result in a slower network. That’s why our Application-First Security solution includes powerful application performance monitoring from AppDynamics, now a part of Cisco. AppDynamics provides details needed to quickly resolve issues, make user experience improvements, and ensure that applications are always meeting performance expectations – even in the most complex, multi-cloud environments.

Get Started

In today’s threat environment, no one solution can protect corporate infrastructure. Together, the above products provide the visibility and control needed to quickly identify and remediate attack attempts or other risks to application security. Application-First Security also works in conjunction with the rest of Cisco’s comprehensive security portfolio.

Get started on the path to effective, application-first security. And find out how South Africa’s oldest bank powers and protects its data center and applications with Cisco – decreasing problem resolution time from tens of hours to just minutes.

“In addition to security, visibility, and availability, Cisco technologies give all of us the ability to sleep at night.” – First National Bank, South Africa

Subscribe to our Cisco Live blog series to stay updated on all of our Cisco Live 2019 announcements.

The post Your applications are on the move – how do you secure them everywhere? appeared first on Cisco Blog.

Branch Security for the Digital Age

The market consideration and adoption of software-defined WAN represents the largest WAN transformation in recent history. Organizations are turning to SD-WAN to improve connectivity, reduce costs, and simplify management at their branch locations. In fact, a recent research study from the Enterprise Strategy Group (ESG)  found that 4 out of 5 organizations report using SD-WAN in some capacity already. Instead of backhauling all traffic through the corporate network, the research also indicated that 79 percent of organizations are shifting to direct internet access (DIA) for all or some remote and branch offices.*  With DIA, enterprises can accelerate their digital transformation with faster access to cloud applications and workloads. While the benefits are clear, this also introduces new security challenges.

The shift to SD-WAN creates new security challenges

Security has to be top of mind as you transform your network with SD-WAN and move to DIA. Branch offices and roaming users are more vulnerable to attacks, and attackers quickly exploit weaknesses. Based on the ESG research, 68 percent of branch offices and roaming users were the source of compromise in recent attacks. And as organizations move to more DIA, this becomes an even greater risk. Scaling security at every location often means more appliances to ship and manage, more policies to separately maintain, which translates into more money and resources needed.

But it doesn’t have to be that way. SD-WAN makes your networking simple and that’s the way that your security should be, too. You need security that can effectively scale across all locations, provide simple management, and enable you to easily add security services as needed.

Extend protection from the network to branch offices to roaming users with powerful cloud security

At Cisco, we want to make sure you have choices with your preferred security solution. Last November, we announced that we built a set of security capabilities into our SD-WAN devices to provide a complete on-prem solution. Now, we are delivering additional feature functionality to Umbrella, our market leading security cloud platform, to deliver a complete secure internet gateway (SIG) so you can secure your SD-WAN from the cloud. When it comes to protecting your SD-WAN, Cisco provides the flexibility you need whether on-prem, in the cloud, or both. Regardless of your deployment choice, we have you covered.

Built on top of the fastest and most reliable infrastructure, Umbrella provides simple deployment and management. In a single cloud platform, it unifies multiple layers of security—including DNS, secure web gateway, firewall, and cloud access security (CASB). It also acts as your secure onramp to the internet by offering secure internet access and controlled SaaS usage across all locations and roaming users. And we continue to deeply integrate Umbrella with Cisco SD-WAN to deliver ease of use that is unmatched across the industry.

As a leader in both networking and security, only Cisco can deliver a truly secure experience. We’re committed to offering security that is integrated into our network solutions, with simple configuration and unified policies that can be easily enforced across your entire enterprise, in every location, and anywhere users travel. As demonstrated by our expanding capabilities, we continue to make huge investments in our R&D to rapidly make our cloud security even stronger.

As you make the transition to SD-WAN and DIA, you can trust Cisco to bring together the best in SD-WAN with the most effective, most reliable, and simplest cloud security to protect it. This is just the start of the journey!

If you’re ready to learn more, visit And if you are attending Cisco Live U.S., stop by the Umbrella booth in the World of Solutions to get a demo.

*ESG Research Survey, Cisco Secure Internet Gateway Survey, January 2019

The post Branch Security for the Digital Age appeared first on Cisco Blog.

Security Happenings at Cisco Live U.S.

Come learn from the best in threat defense

Throughout the year, you hear us talking about our innovative security strategy – about how integration, automation, and simplification make your security posture better. We highlight the need for a new approach to security in a multi-domain world. An approach that securely connects any user, on any device, on any network, to any application.

Next week is your chance to join us for interactive sessions, professional networking, and hands-on demos to find out where your security stands. Whether you discover that you’re on the right track, or that you have a long way to go, our security events at Cisco Live San Diego will provide valuable insight to take your security to the next level. And you will have some fun in the process!

Below are the major security activities happening at Cisco Live from June 9 – 13 at the San Diego Convention Center.

Captivating Keynotes

Don’t miss these Cisco keynotes to hear about our overall strategy and how security fits into the bigger picture:

You Make Possible | Monday, June 10 |  10:30 a.m. – 12:00 p.m.

Join Cisco CEO Chuck Robbins and engineering leader David Goeckeler as they share Cisco’s vision for the future and unveil new innovations that will transform our industry, your business, and our world.

Innovation Without Boundaries | Tuesday, June 11 | 10:30 a.m. – 12:00 p.m.

CEO Chuck Robbins, networking and security leader David Goeckeler, collaboration leader Amy Chang, and chief customer experience officer Maria Martinez will discuss our commitment to your success through our game-changing technology and an entirely new customer experience.

Simple, Secure, Digital Workplace with Cisco Meraki | Tuesday, June 11 | 2:00 – 2:30 p.m.

Today’s users demand next-generation, digital experiences within applications that are securely accessible from anywhere. This session, led by Meraki SVP and GM Todd Nightingale, will demonstrate Meraki’s innovative, data-driven approach to engineering, optimizing customer networks, prioritizing application traffic, and security.

What Is the Future of the Firewall? | Wednesday, June 12 | 11:30 a.m. – 12:00 p.m.

In the world we live in today, is the perimeter dead? Or do we actually need firewalls in more places than ever before? If so, how do we manage them all? Come see our SVP of security product management, Jeff Reed, to learn about the future of the firewall and see demos of Cisco Defense Orchestrator and Cisco Threat Response.

And make sure you stay for our closing keynote with Julia Louis-Dreyfus!

A Conversation with Julia Louis-Dreyfus | Thursday, June 13 | 3:00 – 4:00 p.m.

Much like the tech industry, the entertainment industry is rapidly changing. Join the star of the HBO hit series, Veep, as she humorously delivers insights and inspiration on how to remain relevant despite the chaos.

Click here for more details on these and other keynotes throughout the week.

Insightful Security Sessions

Today’s dynamic threat landscape demands a security strategy that focuses on the threat itself more than simply prevention. Cisco security solutions provide threat-centric protection that spans the entire attack continuum – before, during, and after an attack. And we cover you wherever threats get in – from edge to endpoint and beyond.

Cisco Security will present over 160 sessions at Cisco Live. Check out the Cisco Live security page to plan your schedule for the week. Our security sessions, labs, and technical seminars will help you take a holistic approach to security and stop more threats faster.

If you’re interested in these sessions, be sure to book them now. They fill up fast!

We know that 160+ sessions is a lot. See the end of this post for 10 recommended crowd pleasers!

World of Solutions

Don’t forget about the show floor as a treasure trove of valuable information and experiences. The World of Solutions is the energetic core of Cisco Live, where you’ll have the chance to learn about the latest innovations from Cisco and our partners, and connect in one amazing space.

Spend some time in the Cisco Showcase and Security Village to get up close and personal with Cisco and partner technologies. Attend expo sessions, see live demos across our security portfolio, network with your peers, and kick back a little. Also be sure to stop by the Duo Security area to learn about Cisco Zero Trust, charge up your devices, and zone out on some games.

The Park

Are you struggling with more remote users, more cloud apps than you can count, and network decentralization? Come see our Cisco Umbrella team at The Park to find out how they provide a first line of defense for securing users anywhere they access the Internet.

Meet the Expert/Engineer

Consistently rated as one of the highest value programs at Cisco Live, these meetings give you the opportunity to set the agenda for a 1:1 conversation with a Cisco expert. Visit the “Meet the Engineer” desk on site to schedule a personalized discussion focused on your unique questions and challenges.

Capture the Flag

Think you have what it takes to root out threats and protect the network? Check out Capture the Flag in the Sails Pavilion on the 2nd floor.

Cisco Live Celebration

If you need a break from all your learning, be sure to attend the infamous Cisco Live Celebration on Wednesday, featuring the Foo Fighters and Weezer!

What’s new?

While you’re at the show, keep an eye on our news page and social media for the major product announcements we’re making during the week. See something you like? You’ll be in the perfect place to ask questions and learn more. You’ll also find chances on our Cisco Security Facebook and Twitter pages to win great prizes like a Samsung 55″ 4K Smart TV and a Sonos Beam Soundbar.

Live Broadcast

Can’t make it to San Diego? You can still get your front row seat to Cisco Live by tuning into the live broadcast.

10 Recommended Security Sessions

Make sure you review the full agenda of security sessions to choose what’s right for you. But if you don’t know where to start, here are some suggestions:

Talos Insights: The State of Cyber Security | Monday, June 10 | 1:00 – 2:30 p.m.

Cisco’s Talos team specializes in early-warning intelligence and threat analysis for maintaining a secure network. In this talk, we will perform deep analysis of recent threats and see how Talos leverages large datasets to deliver product improvements and mitigation strategies.

Converge or Die: Security Products and Services | Tuesday, June 11 | 9:30 – 10:30 a.m.

Products and services are converging. Attend this session and walk away with the knowledge you need to approach today’s dynamic threat landscape with confidence.

Cisco SD-WAN Security from the WAN to Cloud Edge | Wednesday, June 12 | 8:00 – 9:00 a.m.

WAN transformation increases your exposure to a range of internal and external threats that were previously handled by your data center security. We’ll learn more about these threats and why a combination of on-premises and cloud security is a must-have for your IT team.

Endpoint Security, Your Last Line of Defense | Wednesday, June 12 | 1:00 – 3:00 p.m.

With the proliferation of advanced malware, and the endpoint being the target of the vast majority of attacks, security on the endpoint is more important now than ever. This session will dive into the arsenal of Cisco endpoint security products.

Behind the Perimeter: Fighting Advanced Attackers | Wednesday, June 12 | 4:00 – 5:30 p.m.

Unlike defending against automated and predictable infections that we see every day, dealing with advanced adversaries can be a painful experience. Our goal is to derive a series of principles that make such attacks expensive to mount, maintain, and cover.

Demystifying Zero Trust – What does it really mean? How do you achieve it with Cisco and Duo Security? | Thursday, June 13 | 8:00 – 10:00 a.m.

In this intermediate-level session, we will provide clarity into how to go from “zero” to “hero” when it comes to deploying Zero Trust in your environment.

Protecting Your Office 365 Environment: Leverage the Firepower API, Cisco Cloud Email Security, and more | Thursday, June 13 | 8:00 – 10:00 a.m.

Office 365 has become a popular choice to consume Microsoft’s email, voice, and file sharing applications. Due to changes in the consumption of applications, we need to think differently about how to secure our networks, endpoints, and users.

Workload Security and Visibility | Thursday, June 13 | 9:30 – 10:30 a.m.

Modern applications no longer just reside within a company’s physical data center, but are also deployed across a multi-cloud environment. As a result, customers must now rethink their approach to data center security and workload protection as the available attack surface and opportunity for data theft has expanded.

Risky Business: Help Reduce Risk by Gaining Visibility and Control of Cloud App Usage | Thursday, June 13 | 1:00 – 2:30 p.m.

In this session, we’ll address the security risks involved with cloud app usage and how you can gain full visibility and control of cloud applications in your environment using Cisco Umbrella.

The Future of Security Analytics | Thursday, June 13 | 1:00 – 2:30 p.m.

What does it mean to deliver superior security analytics? Join Cisco Distinguished Engineer TK Keanini to explore security analytics in its entirety: reviewing new forms of telemetry, analytical techniques, and the mistakes and shortcomings of the past so that we don’t make them again in the future.

See you next week at #CLUS!

Subscribe to our Cisco Live blog series to stay updated on everything happening at Cisco Live 2019.

The post Security Happenings at Cisco Live U.S. appeared first on Cisco Blog.