For Cisco, the future of security is being shaped by software-defined networking

Cisco Live! 2019 emphasised the role of analytics, automation, and other software in building responsive security architectures

Convergence has long been a theme when Cisco refines its technological messaging at its annual Cisco Live! conference, but this year’s event leaned more heavily than ever on software-defined networking (SDN) as a unifying force – and, by extension, an enabler of DevSecOps’ vision of universal, well-integrated security and operational capabilities.

SDN has become widespread as companies revisit their network architectures to provide better manageability, more flexibility, and ad-hoc allocation of compute, storage, and networking resources.

It’s a model based on the flexibility of the cloud, and indeed in Cisco’s Umbrella vision the software controlling the network will enable seamless integration between on-premises and cloud-based environments – with security as a core capability managed by policies that automatically propagate across both elements of the networked environment.

Recent acquisitions such as Cloudlock cloud access security broker, Stealthwatch cloud-security analytics, Tetration east-west traffic analysis, and others have supported this vision, with vice president for global security sales John Maynard kicking off the conference noting that “the networking conversation and security conversation are completely coupled today.”

This was only going to increase as 5G mobile networking and emerging Wi-Fi 6 technology made wireless network access faster, more seamless, and increasingly risk-filled for enterprise data consumers who had already learned a hard lesson in the wake of 2017’s devastating WannaCry and NotPetya attacks.

Cisco’s DevSecOps-like model would address this risk with tightly integrated networks that would be able to use analytics to detect potential security issues, responding through automation to enforce segmentation and other policies to contain potential damage or block infection altogether.

A core element of this environment is the idea of Zero Trust – which leverages Cisco’s acquisition of Duo to look past the ravages of credential compromise, forcing users and their devices to be regularly authenticated based on a range of factors.

Yet the solution is more than technical, speakers warned, noting that cybersecurity’s “terrifying” image had compromised its standing within business organisations. With new Cisco research confirming that Australian data breaches are getting expensive faster than the rest of the world, CISOs know they need to get on the front foot to put cybersecurity at the forefront of enterprise transformation.

“We want to move from the situation of being overwhelmed to being empowered,” Maynard said – sentiment reinforced by Earl Carter, from Cisco’s TALOS threat-intelligence arm, who warned that enterprises faced dynamic and ever more-difficult attacks from cybercriminals who are getting more creative in their efforts because the “low-hanging fruit” – easily-exploited vulnerabilities – was getting harder to find.

One architecture to rule them all

Analytics was a common theme throughout the event, which attracted thousands of delegate and included hundreds of technical and informational sessions across four days in early March.

Opening the main event with the theme of “the bridge to possible”, Miyuki Suzuki, Cisco president for Asia Pacific, Japan and China, issued a call to action around innovation – which, she said, “will help you take advantage of the discontinuities in the world. Imagination will drive disruption and create opportunity.”

The company’s doubling-down on SDN was positioned as an enabler for this disruption, with senior vice president of operations Irving Tan noting that the process of digitisation had gone “well beyond taking a manual process and just automating it.”

“To me,” he explained, “it’s about how it enables us to deliver truly different experiences to our customers and employees – and how it enables us to disrupt or transform our own business models.”

Multi-cloud operation would become a core competency within enterprises and 5G and Wi-Fi 6 would “move connectivity and digital transformation beyond devices into the realm of machine-to-machine,” he continued, with autonomous vehicles communicating to each other and massive networks of real-time sensors driving all manner of business processes.

Yet this expanded range of data sources would also increase exposure to security trends that are “truly global,” Tan noted. “This requires us to have a different mindset for security, and a way of prevention and rapid protection. Security is foundational, and has to be applied everywhere. Every single employee needs to be educated and ware of the role they have to play in keeping the organisation, and its customers, cyber safe.”

Emerging SDN-powered networks would be assisted both with technical announcements – such as the recent release of a new range of 400Gbps Ethernet switches – and software-driven announcements that position capabilities like threat intelligence as something that can be tapped into by networking and security tools across the enterprise SDN.

“The infrastructure,” Tan explained, “which used to be the limiting factor in terms of how fast your organisation could be responsive and agile, is now an enabler to help you with the speed of driving the business…. Many organisations have implemented holistic security architectures that go on-premises, on the cloud, and down to the device.”

Security through analytics

By relying on a common security architecture rather than trying to reinvent the proverbial wheel in each product, Cisco sees such holistic security architectures as being empowered by its Talos threat-intelligence capability – which, independently and, with the support of outside information sources, provides a security capability that is both responsive and effective.

Analytics would also play a critical role in evolving methods for protecting and managing encrypted traffic flows, which were becoming harder to monitor thanks to improving encryption techniques.

Cisco was refining ways to pick threats out of encrypted traffic streams without compromising privacy and performance by having to decrypt that traffic; instead, analytics techniques would be used to monitor encrypted network traffic for telltale signs of potential threats.

This approach lies at the heart of ‘intent-based networking’, an architectural approach that made its debut with a new partnership between Cisco and Perth’s Curtin University, where the $7m Centre for Intent-Based Networking (CIBN) was announced at Cisco Live! as an extension of a collaboration approach that has also seen Cisco running an ongoing partnership with Woodside.

“Students are voracious adopters of technology, but we have to balance a permissive environment with protecting those students,” Cisco senior vice president and general manager of enterprise networking Scott Harrell said in announcing the CIBN along with Curtin university representatives.

“Anyone knows that you can do analytics well, but where it gets interesting is when you get data sets and start to cross-reference them. We’re experimenting with encrypted traffic analytics, and this is a good example of how you use big data and analytics to potentially solve next-generation security problems.”

Core trends for 2019

Addressing those security problems is a key goal for enterprises this year, Cisco chief technology officer Kevin Bloch said in enumerating his key predictions for this year – but they’re not the only challenge businesses face.

Apps had become key drivers for brand loyalty and organisations needed to refine customer experiences with that in mind, Bloch said in a wide-ranging presentation at the Cisco Live! World of Solutions, where dozens of vendors displayed their products and engaged with attendees and customers.

Other key trends included the shift from mobile-first strategy to AI-first; the economic dislocation of organisations that fail to use technology to build trust with customers and integrity with regulators; the expansion to cloud platforms; 5G and nano-satellites empowering new IoT networks and business models; and more.

Bloch proclaimed 2019 “the year of SD-WAN”, reflecting Cisco’s overall SDN vision, while noting that cybersecurity remained “a pretty serious issue” for every organisation.

“Where is the perimeter in the modern world,” he asked. “We are accessing resources over anything and from anywhere – so where do we put the peripheral super god-box that’s going to protect the organisation?”

“The answer is that it’s not about a box anymore: perimeters are shifting closer to the entities that they protect – so with Zero Trust, we don’t trust anybody. We want to know who you are, where you are, what device you’re using, and what you need to do before we authenticate you to the network. That’s a pretty important change from a security point of view.”

The SDN vision was supporting that change by providing visibility into all manner of threats: “Knowing what’s going on in your domain in NSW is not good enough,” Bloch said. “You need to know what’s going on around the world”.

Anand Oswal, Cisco’s senior vice president of engineering, picked up the thread in the conference technology keynote, where he also lauded the game-changing nature of 5G and Wi-Fi 6 but noted that businesses needed to be ready for the change they would bring.

“We need to make sure that these two disparate access networks communicate and talk to each other to ensure that we have unified policy, security, analytics, and visibility,” he said. “Ensuring that these two management systems help make the transition seamless will be our next goal.”

It’s all part of the evolution of Cisco Digital Network Architecture (DNA), the ever-expanding range of products and services with which Cisco is working to drive the enterprise communications agenda for the long term.

“Everything we do, we lead with software-defined,” Tan said. “We realised the thing we wanted to do was not about technology. It was about how we change the culture of the company and the mindset of the teams, and enable and accelerate this business model evolution.”

For Cisco, the future of security is being shaped by software-defined networking