Professional Documents
Culture Documents
Enterprise Networking Power of the Platform
Enterprise Networking Power of the Platform
Customer
satisfaction
Competitive
differentiation
Employee
retention
Power of the Platform © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
The expected digital experience is...
IoT
BYOD
Seattle, WA
Paris, France
IoT
Corp devices
VDI
Cameras
and sensors
Chicago, IL
Power of the Platform © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
….but the reality is
IOT
IoT
Wireless Direct Cloud
gateway connect providers
BYOD
Wireless Cloud
Seattle, WA
network proxy
Corp devices
ISP transit SaaS
Local ISP SWG
providers on-ramp
Data center
Cameras and
infrastructure
sensors Chicago, IL
Power of the Platform © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
This complexity hinders business and makes
operations…
Power of the Platform © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
It’s time for a
platform approach
Power of the Platform © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Platform—an integrated system
User Hardware/
Data APIs Policy
Interface Software
Power of the Platform © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Platforms abstract the complexity and simplify
operations
IOT
BYOD
Seattle, WA
Corp devices
Paris, France
IoT
VDI
Cameras
and sensors Chicago, IL
Power of the Platform © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Organizations should leverage platforms
to simplify IT infrastructure, whether it is
located in the cloud, data center, or edge.
Gartner
2023 I&O Platforms Primer for 2023, Jonathan Forest, Jeff Vogel, Tim Zimmerman, Dennis Smith, Feb 2023, Gartner
Power of the Platform © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
The power of a platform
Power of the Platform © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Management and automation
platforms
Simplification
starts with Cisco
Unified hardware
portfolio
platforms
Operating systems
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Portfolio : New
Legacy
Branding Operating System Hardware
Switching
WLAN
Catalyst
Aironet IOS XE
AireOS x86
ASIC
Routing
ISR IOS x86
© 2022 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
One Product – Two personas
New CW 916x series WIFI6E AP’s
New
© 2022 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
The power of Catalyst Switching with the scalability of
Key Capabilities
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Networking platforms solve the tools challenge
Automate onboarding Aggregate networking Provide APIs and extend Deliver consistent
and policy activation data and telemetry through ecosystem user experience
Power of the Platform © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Operational simplicity
End-to-end assurance
Intelligent insights across all connections
Catalyst Center and Catalyst SD-WAN Catalyst switches, wireless, and routers
ThousandEyes
Meraki and Meraki SD-WAN Meraki MS and MX
Power of the Platform © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Secure networking
• Simpler and faster deployment of • Improved risk profile with advanced threat
Outcomes
infrastructure intelligence and flow analytics
Power of the Platform © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
How Cisco provides Secure Networking by platform
approach?
Secure Networking
TrustSec
Base Security Stack Campus:
ISE, SNA, Umbrella, FW Segmentation | SDA
SSE / SASE
Base Security Stack Remote:
Add DUO, Umbrella SIG or SSE3 MFA
Private Cloud
Deployed Anywhere
Car/ Transport
Branch Check-in
Users,
Device & Apps
Things
Corporate
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Home
Containers
Users need secure & resilient connectivity to
applications
Roaming
BYOD
Tokyo, JP
Datacenter Hosted
Apps
Applications
Corp Users/Devices
Bangalore, IND
Cameras
and sensors Singapore, SG
SaaS
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
…but this seemingly simple requirement hides a
significant amount of complexity and risk
User, Devices and Access Internet Cloud connectivity Apps (On-prem,
Things networks services infrastructure Cloud, SaaS)
IOT
Wireless Direct Cloud
gateway connect providers
BYOD
Datacenter Hosted
Wireless Cloud Apps
Tokyo, JP
network proxy
Corp devices
ISP transit SaaS
Local ISP SWG
providers onramp
Bangalore, IND
DNS
Public Cloud
IoT
Mobile
VDI networks VPN
Cameras and
sensors Singapore, SG SaaS
Security
Consistent Experience
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Network connects Users & Applications
IOT
BYOD Internet/
SDWAN Datacenter Hosted
VPN Gateway Apps
Tokyo, JP
Corp devices
Remote
User
Internet
Cameras and VPN Access
sensors Singapore, SG SaaS
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Your network is KEY to managing all the complexity
and all the risk
IOT
BYOD
Datacenter Hosted
Tokyo, JP Apps
Corp devices
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
There’s a potential threat behind every connection
Hence protecting the NETWORK is the key
Remote Branch Corporate
On Prem, DC apps/
People, places and things Campus / Branch/ Remote Network Firewall & Gateway Cloud apps, SaaS
IOT
Hostile Port Scan Brute Force Side Channel
Ransomware
BYOD Scans Attacks
Privacy Default Sync Flood
Escalation Config Datacenter Hosted
Tokyo, JP DDOS Apps
Advanced Lateral
Phishing Movement
Persistent Rogue AP
Threats
Corp devices Injection Cookie
Unpatched Attacks Poisoning
Lack of DDOS
updates Network
IP Cloud
Bangalore, IND DNS Boot Sequence Cryptomining Public Cloud
BOTS Tampering
Man-in- Spoofing
Attacks
IoT Middle
Unencrypted
VDI Uplinks Persistent
Account
High jacking
Routing Attacks
Cameras
Spywareand Drive by Honeypot Table
Download poisoning
sensors Singapore, SG SaaS
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
There’s a potential threat behind every connection
People, places and things Campus / Branch/ Remote Network Firewall & Gateway On Prem, DC/Cloud apps, SaaS
Account
Bots Spyware
Hijacking
Drive by
download
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
There’s a potential threat behind every connection
People, places and things Campus / Branch/ Remote Network Firewall & Gateway On Prem, DC/Cloud apps, SaaS
Endpoint
Security Application has been the focus!
Secure Web
Gateway
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
How Secure is your Network
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
There’s a potential threat behind every connection
Hence protecting the NETWORK is the key
People, places and things Campus / Branch/ Remote Network Firewall & Gateway On Prem, DC/Cloud apps, SaaS
IOT
BYOD
Privacy
Hostile Scans Port Scans Default Config Brute Force Sync Flood
Escalation Datacenter Hosted
Tokyo, JP DDoS AAS Apps CASB
Endpoint
Corp devices
Security Lateral Lack of Unpatched IP Spoofing DDOS
Rogue AP
Movement Updates Networks
Secure Web
Bangalore, IND Public Cloud
Gateway
Injection Persistent
IoT Attacks Attacks
Boot Sequence Man-in-the- Unencrypted
ZTNA Honeypots
Tampering Middle Uplinks
VDI
Data Center
Cameras and Routing Table FWaaS Security
Poisoning
sensors Singapore, SG SaaS
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Network Security Threat Scenario
Wireless Access Security Threats
People, places and things Campus / Branch/ Remote Network Firewall & Gateway On Prem, DC/Cloud apps, SaaS
Rogue Client
IOT
BYOD
Datacenter Hosted
Windows bridge Apps
Tokyo, JP
Corp devices
VP
N DDOS Attack
Not Accessible
Bangalore, IND Public Cloud
IoT
VDI
CamerasAd
andHoc Client
sensors Singapore, SG
Rogue AP SaaS
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Secure Connectivity Needs Secure Networking
People, places and things Campus / Branch/ Remote Network Firewall & Gateway On Prem, DC/Cloud apps, SaaS
IOT
Hostile Port Scan Brute Force
BYOD Scans
Privacy Default Sync Flood
Escalation Config Datacenter Hosted
Tokyo, JP DDoS AAS Apps CASB
Lateral
End to End
Movement Rogue AP
Centralized
Network Threat Secure Unpatched
Endpoint
Corp devices Injection
Security
VP Lack of IntegratedDDOS Attacks
N
Analytics and NetworkingNetwork
updates
Policy
IP Secure Web
Bangalore, IND Visibility
Boot Sequence
Spoofing
Public Cloud
Man-in-
Management
Tampering
Gateway
IoT Middle
ZTNA Unencrypted
VDI Uplinks Persistent
Routing Attacks Data Center
Cameras and Honeypot Segmentation Table FWaaS
poisoning
Security
sensors Singapore, SG SaaS
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Secure Networking
with Cisco Catalyst
Full Stack
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Intent-based networking- Foundation for Catalyst
Full Stack
Focus on “what” instead of “how”
Business intent
Continuous network alignment
SDN
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
CONNECT CONTROL
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
SECURE ANALYZE
CONNECT CONTROL
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
SECURE ANALYZE
Making matters worst- Secure Networking
Challenges
WLAN Gateway
Multiple Policy Point Visibility
Remote
Management Wired Management
Users
VPN Cloud
People, places and things Campus / Branch/ Remote Network Firewall & Gateway On Prem, DC/Cloud apps, SaaS
IOT
Corp devices
VDI Internet
Cameras and VPN Access
sensors Singapore, SG SaaS
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Secure Networking Infrastructure built on Catalyst
Full Stack architecture
Identity, Policy, Analytics and
Connected Access Access Agg/Core Wireless Routers Control and
and Threat Insights
Devices Points Switches Switches Controller Automation
Detection
Catalyst Catalyst Catalyst Catalyst Catalyst Cisco Cisco Catalyst Center
9200/9200CX//9300/ ISE DNA Spaces (appliance or VM)
9100 Series 9500/9600 9800 Series 8000 Series
9400 / 9300X/9400X 9500X/9600X
Outdoor 802.3bt Ready
Wi-Fi 6
48P 5G + Secure Analytics
25G/40G/100G ThousandEyes
Indoor
uplinks
Wi-Fi 6/ 6E SDWAN and SASE
Campus Optimized Industry’s only ready next gen edge
25G/40G/100G/400G modular WLC platform
5G RU* Umbrella DNAC AI/ML
Most comprehensive
5G RU* mGig & UPoE portfolio
8000v Virtual Router
© 2022 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
Cisco Secure Networking: Deliver the best networking
experience for hybrid enterprises built on zero trust
Reduce Risk
What you get
Provide Consistent Experience
What we
deliver
Federated Identity, Policy, Visibility and Enforcement Cisco Networking
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Control
Analyze
Cisco Secure Endpoint Firepower Secure Access
Secure
Secure cloud and network Next Gen Campus & Cloud-delivered security for
access DC Firewall
Connect Hybrid DC & SaaS
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
If it’s connected with Cisco, It’s protected
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Secure Networking
with Cisco: Use
Cases and Outcomes
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
How can IT Empower People to Connect from
Anywhere and Securely?
Who, what, and how? Where they can go?
Secure Segmentation
Access
Employees Corp device
Policy
BYOD
Access Employees Personal device
Next-gen
Guest Onboarding
Access Guests Any Device
IoT
Access
IoT Device
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47
Solution is Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)
is an industry leading, Network Access
Control and Policy Enforcement platform, SIEM, MDM,
Cisco ISE
that lets you, Who When
PxGRID
NBA, IPS, IPAM, etc.
Share
Context with partners for
enhanced operations
Role-based Access Control | Guest Access | BYOD | Secure Access
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48
Cisco Secure Networking
Powered by Cisco Catalyst Full Stack
Control
Automate
Analyze
Trust
Secure
Platform
Integrity
Catalyst Wi-Fi 6/ 6E AP’s Catalyst Switching
Catalyst Wireless Controllers
Connect vmware
aws KVM Google
Cloud
Control
Automate
Analyze
Cisco ISE
vmware
Secure Microsoft
NUTANIX
aws KVM
Connect
Control
Automate
Analyze
Cisco ISE
vmware
Secure Microsoft
NUTANIX
aws KVM
Control
Automate
Cisco ISE
Secure
vmware
Microsoft
>#
NUTANIX
aws KVM
Secure Device
Access
Control
Automate
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># +
TACAS+ Secure Employee
Onboarding
Control
Automate
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + +
TACAS+ Secure Secure Guest
Access Onboarding
Control
Automate
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + + +
TACAS+ Secure Guest Wi-Fi Secure Device
Access Onboarding
Control
Automate
Analyze
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + + + +
TACAS+ Secure Guest Wi-Fi BYOD Segmentation
Access
Control
Automate
Analyze
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + + + + + Client Posture
TACAS+ Secure Guest Wi-Fi BYOD Segmentation
Access Assessment
Control
Automate
Use the probes in ISE and Cisco network devices to classify endpoints
and authorize them appropriately with Device Profiling.
Analyze
Device
Profiling
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + + + + + Posture
TACAS+ Secure Guest Wi-Fi BYOD Segmentation
Access Assessment
Control
Automate
Analyze +
Device AI Endpoint
Profiling Analytics
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + + + + + Posture
TACAS+ Secure Guest Wi-Fi BYOD Segmentation
Access Assessment
Control
Automate
Analyze + +
Device AI Endpoint Trust
Profiling Analytics Analytics
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + + + + + Posture
TACAS+ Secure Guest Wi-Fi BYOD Segmentation
Access Assessment
Analyze + +
Device AI Endpoint Trust
Profiling Analytics Analytics
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + + + + + Posture
TACAS+ Secure Guest Wi-Fi BYOD Segmentation
Access Assessment
Control
Automate
Analyze + +
Device AI Endpoint Trust
Profiling Analytics Analytics
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + + + + + Posture
TACAS+ Secure Guest Wi-Fi BYOD Segmentation
Access Assessment
Control
Automate
Analyze
Cisco Spaces
ETA +
Secure ISE Cisco Secure
Analytics
aWIPS for WIFI 6E
C97-740529-04 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 64
Catalyst Full Stack – Deliver Outcomes Not
Products
Implications forTrend
networking
Power Hybrid Work
Reimagine Application
Secure
Networking
Secure Enterprise
Transform Infrastructure
C97-740529-04 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 66