When the recent WannaCry ransomware cyber-attack struck computers running older versions of Microsoft Windows, it quickly infected more than 300,000 machines in 150 countries, sowing chaos among healthcare, telecom, financial and other organizations. But what if IT departments could rapidly section off infected parts of their network in order to contain the damage inflicted by such cyber-attacks—the metaphorical equivalent of a prison lockdown to contain a riot?
That's just one of many powerful capabilities unleashed in a major rollout of new software and hardware by Cisco. The move meant to address challenges facing traditional networks—among them deploying IoT at scale, handling increased complexity and mitigating an ever-expanding universe of security threats.
Quantum leap in networking
The launch, starting this month, is a quantum leap in the evolution of Cisco's Digital Network Architecture (DNA). That's the term for the new software-driven approach to networking that helps customers grappling with digital transformation.
One of those customers is Scentsy, an Idaho-based direct selling company which runs $450M revenue over an e-commerce platform for selling wickless candles, and scented wax among other products. They are able to scale to support over 150,000 consultants thanks to Cisco technology. Scentsy, like many companies serves a wide variety of audiences on its network, including customers, consultants, employees, distributers and guests. Cisco's new Software Defined Access now allows each person to see only information specific to them. In the past, IT had to manually segment out who had access to what information. Now the process is automated, and much less prone to human error.
Kevin Tomkins, network architect at Scentsy says this technology is a game changer. "Once you can do segmentation based on users, not just an IP address, and a user can log in from anywhere on any device- It goes from, ‘I wish, but it will never happen, to we can do that tomorrow."
"Once you can do segmentation based on users, not just an IP address, and a user can log in from anywhere on any device- It goes from, ‘I wish, but it will never happen, to we can do that tomorrow."Kevin Tomkins, network architect at Scentsy
Essentially the network has contextual knowledge. What information IT puts in, the network learns, automates, and allows teams to set policies in a more consistent and faster way.
Scott Harrell, Senior Vice President of Product Management for Cisco's Enterprise Networking Group says Cisco is redefining the network.
"This launch is about the ability to make the network simpler for power users allowing them to deliver sophisticated and dynamic network operations. We do this by providing a single pane of glass in Cisco DNA Center, brand new Catalyst 9k platforms, a fabric based approach for the campus and access layer, and next generation analytics for security and operations." says Harrell.
"We're releasing something that nobody else in the market can do."Where traditional networks are hardware-centric, manual and with fragmented security, the new network is software-driven, automated, with built-in security and the ability to turn network data into business insights. Employing machine learning on a colossal scale, the new network can learn, intuit and predict. The result, according to Cisco, is a fully integrated intent-based networking system.
The multi-product rollout starts with a new DNA-ready series of switches. The Catalyst 9000 switching portfolio constitutes a mobile, IoT, and cloud-ready platform with integrated security, including the industry's first solution to identify threats in encrypted traffic.
Harrell says, "We're releasing something that nobody else in the market can do, which is basically the ability to understand whether or not there's malicious traffic inside of encrypted traffic without encrypting it. This is the big trick that attackers are realizing and leveraging. If they encrypt traffic, they can bypass security tools because of privacy reasons."
The innovations don't end here: As DNA evolves further and the network becomes more open and programmable, application developers will be able to unlock new capabilities through API integration with the DNA hardware infrastructure.
"For customers, the network is more relevant now than ever before," says Harrell. "With this fully integrated single system, customers can trust that the right best practices are in place. This is a new beginning. From here, we can do just a lot of insanely cool and incredible stuff."