Enterprise Networking Power of the Platform

Soon Kok Weng Angelica Tan
Enterprise Networking, Product Meraki, Product Sales

Sales Specialist, Cisco Specialist, Cisco
Simplify. Unify.
Power of the Platform
Cisco Networking
Soon Kok Weng

June 2023 Angelica Keith Tan
Product Sales Specialist, EN Product Sales Specialist, Meraki
November 2023
Now more than ever, experiences matter
Customer
satisfaction
Competitive
differentiation
Employee
retention
Power of the Platform © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
The expected digital experience is...
IoT
BYOD
Seattle, WA
Paris, France
IoT
Corp devices
VDI
Cameras
and sensors
Chicago, IL
….but the reality is
People, places, Access Network Transport Apps

and things networks services infrastructure (data center, cloud)
IOT
IoT
Wireless Direct Cloud
gateway connect providers
BYOD
Wireless Cloud
Seattle, WA
network proxy
Corp devices
ISP transit SaaS
Local ISP SWG
providers on-ramp
Paris, France DNS

IoT
Mobile
VDI networks VPN
Data center
Cameras and
infrastructure
sensors Chicago, IL
This complexity hinders business and makes
operations…
Less Less Less

streamlined secure innovative
IT needs a different approach
It’s time for a
platform approach
Platform—an integrated system
User Hardware/
Data APIs Policy
Interface Software
Platforms abstract the complexity and simplify
operations
People, places, Access Network Cloud connectivity Apps

and things networks services infrastructure (data center, cloud)
IOT
BYOD
Seattle, WA
Corp devices
Paris, France
IoT
VDI
Cameras
and sensors Chicago, IL
Organizations should leverage platforms
to simplify IT infrastructure, whether it is
located in the cloud, data center, or edge.
Gartner
2023 I&O Platforms Primer for 2023, Jonathan Forest, Jeff Vogel, Tim Zimmerman, Dennis Smith, Feb 2023, Gartner
The power of a platform
A networking platform converges capabilities and applies a consistent

user experience, automation, intelligence, and an API-driven
ecosystem to deliver…
Simplified operations Faster

Secure digital experiences
and management innovation
Management and automation
platforms
Simplification
starts with Cisco
Unified hardware
portfolio
platforms
Operating systems
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Portfolio : New
Legacy
Branding Operating System Hardware
Switching
Catalyst CatOS UADP/ASIC
WLAN
Catalyst
Aironet IOS XE
AireOS x86
ASIC
Routing
ISR IOS x86
© 2022 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
One Product – Two personas
New CW 916x series WIFI6E AP’s
DNA Persona Meraki Persona

C9800 & DNAC Stack MR Dashboard Stack
New
The power of Catalyst Switching with the scalability of
9300-M Meraki cloud management.
New Gain operational excellence

Through streamlined end-to-end
management.
Unify campus and branch

network operations with a centralized,
intuitive experience in the cloud.
Extend common policy

Orderable with Meraki day 0 experience
seamlessly across Catalyst and Meraki portfolios
without added complexity.
Plus, benefit from investment protection and operational

flexibility.
Cisco Networking Cloud
An integrated platform for on-prem and cloud
operating models
Key Capabilities
• End-to-end assurance and AI/ML capabilities

across domains
• Multi-domain topology and workflow
• Common policy across security and networking
domains
• Unified design system, SSO, API key exchange,
platform navigator
Cisco Networking platforms solve the tools challenge
Cisco Meraki and Catalyst platforms accelerate digital transformations

by making it easier for organizations to manage, configure, automate,
and gain insights from their infrastructure.
Automate onboarding Aggregate networking Provide APIs and extend Deliver consistent
and policy activation data and telemetry through ecosystem user experience
Operational simplicity
End-to-end assurance
Intelligent insights across all connections
Platforms Products Additional products
Catalyst Center and Catalyst SD-WAN Catalyst switches, wireless, and routers
ThousandEyes
Meraki and Meraki SD-WAN Meraki MS and MX
• Greatly simplified assurance operations • Internet visibility built into management

Outcomes
dashboard
• Improved troubleshooting and issue
resolution • Visibility across all network connections
including internet
• 65% lower cost of connectivity
Secure networking
Secure Campus & Branch Networking

More easily managed campus networking
Platforms Products Additional products

Catalyst Center Catalyst switches and wireless Cisco ISE
Meraki Meraki switches and wireless Cisco Umbrella
• Simpler and faster deployment of • Improved risk profile with advanced threat
Outcomes
infrastructure intelligence and flow analytics
• Improved applications and data security • Streamlined operations management and

troubleshooting for improved performance
• Improved data protection and reduced
and uptime
threat vulnerability with posture,
segmentation, and microsegmentation
How Cisco provides Secure Networking by platform
approach?
Secure Networking
Catalyst Full Stack Meraki Full Stack

Embedded AIOps & Sustainability
TrustSec
Base Security Stack Campus:
ISE, SNA, Umbrella, FW Segmentation | SDA
Base Security Stack Branch and WAN: Identity and Policy

• Add Branch Security
- FW/IPS/VPN/SSL/URL Network analytics | NDR
• Add Secure SDWAN
- Umbrella SIG or SSE DNS security
SSE / SASE
Base Security Stack Remote:
Add DUO, Umbrella SIG or SSE3 MFA
Power of the Platform

Converged Network and Security requirements
22 November 2023
Today's World is HYBRID
Airports Connect from Anywhere

Data Center
Private Cloud
Deployed Anywhere
Car/ Transport
Branch Check-in
Users,
Device & Apps
Things
Corporate
Home
Containers
Users need secure & resilient connectivity to
applications
Users need secure & resilient

Users &connectivity
Devices aretoHybrid
hybrid applications
Roaming
BYOD
Tokyo, JP
Datacenter Hosted
Apps
Applications
Corp Users/Devices
Bangalore, IND
IoT Public Cloud

Remote
User
Cameras
and sensors Singapore, SG
SaaS
…but this seemingly simple requirement hides a
significant amount of complexity and risk
User, Devices and Access Internet Cloud connectivity Apps (On-prem,
Things networks services infrastructure Cloud, SaaS)
IOT
Wireless Direct Cloud
gateway connect providers
BYOD
Datacenter Hosted
Wireless Cloud Apps
Tokyo, JP
network proxy
Corp devices
ISP transit SaaS
Local ISP SWG
providers onramp
Bangalore, IND
DNS
Public Cloud
IoT
Mobile
VDI networks VPN
Cameras and
sensors Singapore, SG SaaS
Security
End to End Visibility
Consistent Experience
Network connects Users & Applications
Remote Branch Campus / Industrial
People, places and things Campus / Branch/ Remote

CampusNetwork
/ Branch/ Remote Network Firewall & Gateway On Prem, DC/Cloud apps, SaaS
IOT
BYOD Internet/
SDWAN Datacenter Hosted
VPN Gateway Apps
Tokyo, JP
Corp devices
Bangalore, IND Public Cloud

IoT
Remote
User
Internet
Cameras and VPN Access
Your network is KEY to managing all the complexity
and all the risk
People, places and things

Remote Branch Campus / Industrial On Prem, DC/Cloud apps, SaaS
IOT
BYOD
Datacenter Hosted
Tokyo, JP Apps
Corp devices

IoT
Network is the bridge which connects hybrid users to hybrid apps and
Remote
User the only control point that sees everything that’s connected.
Cameras and
There’s a potential threat behind every connection
Hence protecting the NETWORK is the key
Remote Branch Corporate
On Prem, DC apps/
People, places and things Campus / Branch/ Remote Network Firewall & Gateway Cloud apps, SaaS
IOT
Hostile Port Scan Brute Force Side Channel
Ransomware
BYOD Scans Attacks
Privacy Default Sync Flood
Escalation Config Datacenter Hosted
Tokyo, JP DDOS Apps
Advanced Lateral
Phishing Movement
Persistent Rogue AP
Threats
Corp devices Injection Cookie
Unpatched Attacks Poisoning
Lack of DDOS
updates Network
IP Cloud
Bangalore, IND DNS Boot Sequence Cryptomining Public Cloud
BOTS Tampering
Man-in- Spoofing
Attacks
IoT Middle
Unencrypted
VDI Uplinks Persistent
Account
High jacking
Routing Attacks
Cameras
Spywareand Drive by Honeypot Table
Download poisoning
People, places and things Campus / Branch/ Remote Network Firewall & Gateway On Prem, DC/Cloud apps, SaaS
Adv. Persistent Side Channel

Ransomware DDOS
Threats Attacks
Cloud Crypto- Cookie

Phishing DNA Attacks
mining Poisoning
Account
Bots Spyware
Hijacking
Drive by
download
Protecting Endpoint and DDoS AAS CASB
Endpoint
Security Application has been the focus!
Secure Web
Gateway
ZTNA But what about the NETWORK?

Data Center
FWaaS Security
How Secure is your Network
Protecting Endpoint and Application has been the focus!
But what about the NETWORK?
Hence protecting the NETWORK is the key
IOT
BYOD
Privacy
Hostile Scans Port Scans Default Config Brute Force Sync Flood
Escalation Datacenter Hosted
Tokyo, JP DDoS AAS Apps CASB
Endpoint
Corp devices
Security Lateral Lack of Unpatched IP Spoofing DDOS
Rogue AP
Movement Updates Networks
Secure Web
Gateway
Injection Persistent
IoT Attacks Attacks
Boot Sequence Man-in-the- Unencrypted
ZTNA Honeypots
Tampering Middle Uplinks
VDI
Data Center
Cameras and Routing Table FWaaS Security
Poisoning
Network Security Threat Scenario
Wireless Access Security Threats

Disruption
Rogue Client
IOT
BYOD
Datacenter Hosted
Windows bridge Apps
Tokyo, JP
Corp devices
VP
N DDOS Attack
Not Accessible
IoT
VDI
CamerasAd
andHoc Client
sensors Singapore, SG
Rogue AP SaaS
Secure Connectivity Needs Secure Networking
IOT
Hostile Port Scan Brute Force
BYOD Scans
Privacy Default Sync Flood
Escalation Config Datacenter Hosted
Tokyo, JP DDoS AAS Apps CASB
Lateral
End to End
Movement Rogue AP
Centralized
Network Threat Secure Unpatched
Endpoint
Corp devices Injection
Security
VP Lack of IntegratedDDOS Attacks
N
Analytics and NetworkingNetwork
updates
Policy
IP Secure Web
Bangalore, IND Visibility
Boot Sequence
Spoofing
Public Cloud
Man-in-
Management
Tampering
Gateway
IoT Middle
ZTNA Unencrypted
VDI Uplinks Persistent
Routing Attacks Data Center
Cameras and Honeypot Segmentation Table FWaaS
poisoning
Security
Secure Networking
with Cisco Catalyst
Full Stack
Intent-based networking- Foundation for Catalyst
Full Stack
Focus on “what” instead of “how”
Business intent
Continuous network alignment
Translation Capture business intent, translate to policies, and check integrity
SDN
Continuous verification, Orchestrate policies

insights, visibility, and Assurance Intent-based Activation and automate
corrective actions networking systems configuration
CONNECT CONTROL
SECURE ANALYZE
CONNECT CONTROL
SECURE ANALYZE
Making matters worst- Secure Networking
Challenges
WLAN Gateway
Multiple Policy Point Visibility
Remote
Management Wired Management
Users
VPN Cloud
IOT
BYOD VPN Gateway

Internet/
SDWAN Datacenter Hosted
VPN Gateway Apps
Tokyo, JP
Corp devices

IoT
VDI Internet
Cameras and VPN Access
Secure Networking Infrastructure built on Catalyst
Full Stack architecture
Identity, Policy, Analytics and
Connected Access Access Agg/Core Wireless Routers Control and
and Threat Insights
Devices Points Switches Switches Controller Automation
Detection
Catalyst Catalyst Catalyst Catalyst Catalyst Cisco Cisco Catalyst Center
9200/9200CX//9300/ ISE DNA Spaces (appliance or VM)
9100 Series 9500/9600 9800 Series 8000 Series
9400 / 9300X/9400X 9500X/9600X
Outdoor 802.3bt Ready
Wi-Fi 6
48P 5G + Secure Analytics
25G/40G/100G ThousandEyes
Indoor
uplinks
Wi-Fi 6/ 6E SDWAN and SASE
Campus Optimized Industry’s only ready next gen edge
25G/40G/100G/400G modular WLC platform
5G RU* Umbrella DNAC AI/ML
Most comprehensive
5G RU* mGig & UPoE portfolio
8000v Virtual Router
Connect | Secure | Analyze | Control
Industry Cisco IOS-XE

UPOE Custom ASICS Container APP Hosting
Leadership Common Operating System
Cisco Secure Networking: Deliver the best networking
experience for hybrid enterprises built on zero trust
Reduce Risk
What you get
Provide Consistent Experience
What we
deliver
Federated Identity, Policy, Visibility and Enforcement Cisco Networking
Campus / Industrial Branch Remote
Source: APJC Enterprise networking analysis

Cisco Secure Networking converging Networking
and Security with a unified approach
People, places On Prem, DC apps/

and things Campus / Branch/ Remote Network Firewall & Gateway Cloud apps, SaaS
Federated Identity, Policy, Visibility & Enforcement
Cisco Identity Service Engine

Identity & Policy Platform | Cisco Secure Network Analytics
Threat Visibility & Detection
| Cisco Duo
Multi-Factor Authentication & SSO
ur r d
Control
Analyze
Cisco Secure Endpoint Firepower Secure Access
Secure
Secure cloud and network Next Gen Campus & Cloud-delivered security for
access DC Firewall
Connect Hybrid DC & SaaS
If it’s connected with Cisco, It’s protected
It’s time to deliver on the brand promise
Secure Networking
with Cisco: Use
Cases and Outcomes
How can IT Empower People to Connect from
Anywhere and Securely?
Who, what, and how? Where they can go?
Secure Segmentation
Access
Employees Corp device
Policy
BYOD
Access Employees Personal device
Next-gen
Guest Onboarding
Access Guests Any Device
IoT
Access
IoT Device
Solution is Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)
is an industry leading, Network Access
Control and Policy Enforcement platform, SIEM, MDM,
Cisco ISE
that lets you, Who When
PxGRID
NBA, IPS, IPAM, etc.
What Where and APIs
See How Health
Users, endpoints Threats Cvss

Partner Eco System
and applications Access policy
for endpoints for network
Wired Wireless VPN

Secure
By controlling network
VPN
access and segmentation
Share
Context with partners for
enhanced operations
Role-based Access Control | Guest Access | BYOD | Secure Access
Cisco Secure Networking
Powered by Cisco Catalyst Full Stack
Control
Automate
Analyze
Trust
Secure
Platform
Integrity
Catalyst Wi-Fi 6/ 6E AP’s Catalyst Switching
Catalyst Wireless Controllers
Connect vmware
aws KVM Google
Cloud
Catalyst 9000 : Wireless

Powered by best-in-class integrated networking hardware and software
Control
Automate
Analyze
Cisco ISE
vmware
Secure Microsoft
NUTANIX
aws KVM
Connect

Control
Automate
Analyze
Cisco ISE
vmware
Secure Microsoft
NUTANIX
aws KVM

Connect vmware
aws KVM Google
Cloud

Control
Automate
Gain access to device config on a need-to-know

and need-to-act basis, while keeping audit trails for
Analyze every change in network
Cisco ISE
Secure
vmware
Microsoft
>#
NUTANIX
aws KVM
Secure Device
Access

Connect vmware
aws KVM Google
Cloud

Control
Automate
Allow wired, wireless, or VPN access to network

resources based upon the identity of the user
and/or endpoint/device. Use RADIUS with 802.1X,
Analyze MAB, Easy Connect, or Passive ID
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># +
TACAS+ Secure Employee
Onboarding

Connect vmware
aws KVM Google
Cloud

Control
Automate
Differentiate between Corporate and Guest users

and devices.
Choose from Hotspot, Self-Registered Guest, and
Analyze Sponsored Guest access options
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + +
TACAS+ Secure Secure Guest
Access Onboarding

Connect vmware
aws KVM Google
Cloud

Control
Automate
Allow employees to use their own devices to access network

Analyze resources by
registering their device and downloading certificates for
authentication through a simple onboarding process
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + + +
TACAS+ Secure Guest Wi-Fi Secure Device
Access Onboarding

Connect vmware
aws KVM Google
Cloud

Control
Automate
Group-based Policy with Software Defined Access to
Analyze
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + + + +
TACAS+ Secure Guest Wi-Fi BYOD Segmentation
Access

Connect vmware
aws KVM Google
Cloud

Control
Automate
Analyze
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + + + + + Client Posture
Access Assessment

Connect vmware
aws KVM Google
Cloud

Control
Automate
Use the probes in ISE and Cisco network devices to classify endpoints
and authorize them appropriately with Device Profiling.
Analyze
Device
Profiling
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + + + + + Posture
Access Assessment

Connect vmware
aws KVM Google
Cloud

Control
Automate
Next-generation endpoint visibility with AI-driven analytics and network-

driven deep packet inspection
Analyze +
Device AI Endpoint
Profiling Analytics
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + + + + + Posture
Access Assessment

Connect vmware
aws KVM Google
Cloud

Control
Automate
Analyze + +
Device AI Endpoint Trust
Profiling Analytics Analytics
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + + + + + Posture
Access Assessment

Connect vmware
aws KVM Google
Cloud

Cisco DNA Center to automate
mundane tasks, gain network
Control
Automate
insights, and add security to help

Cisco Catalyst Center ensure an optimal experience
Analyze + +
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + + + + + Posture
Access Assessment

Connect vmware
aws KVM Google
Cloud

Control
Automate
Cisco DNA Center AIOPs NetOp DevOps SecOps

s
Analyze + +
Cisco ISE
Secure
vmware
Microsoft
NUTANIX
aws KVM
># + + + + + Posture
Access Assessment

Connect vmware
aws KVM Google
Cloud

Secure Wireless Access
Secure wireless infrastructure with Cisco Rogue AP Management and WIPS
Control
Automate
Cisco Catalyst Center
Analyze
Cisco Spaces
ETA +
Secure ISE Cisco Secure
Analytics
aWIPS for WIFI 6E

Connect vmware
aws KVM Google
Cloud
Catalyst 9000 : Wireless

Why Cisco Catalyst Full
Stack
C97-740529-04 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 64
Catalyst Full Stack – Deliver Outcomes Not
Products
Implications forTrend
networking
Power Hybrid Work
Reimagine Application
Secure
Networking
Secure Enterprise
Transform Infrastructure
Easy to buy | Easy to deploy | Ease to use

If it’s connected with Cisco, It’s protected
It’s time to deliver on the brand promise

Enterprise Networking Power of the Platform

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Enterprise Networking Power of the Platform

Uploaded by

Copyright:

Available Formats

Soon Kok Weng Angelica Tan

Enterprise Networking, Product Meraki, Product Sales

Soon Kok Weng

People, places, Access Network Transport Apps

Paris, France DNS

Less Less Less

IT needs a different approach

People, places, Access Network Cloud connectivity Apps

A networking platform converges capabilities and applies a consistent

Simplified operations Faster

Catalyst CatOS UADP/ASIC

DNA Persona Meraki Persona

9300-M Meraki cloud management.

New Gain operational excellence

Unify campus and branch

Extend common policy

Plus, benefit from investment protection and operational

• End-to-end assurance and AI/ML capabilities

Cisco Meraki and Catalyst platforms accelerate digital transformations

Platforms Products Additional products

• Greatly simplified assurance operations • Internet visibility built into management

• 65% lower cost of connectivity

Secure Campus & Branch Networking

Platforms Products Additional products

• Improved applications and data security • Streamlined operations management and

Catalyst Full Stack Meraki Full Stack

Base Security Stack Branch and WAN: Identity and Policy

Power of the Platform

Airports Connect from Anywhere

Users need secure & resilient

IoT Public Cloud

End to End Visibility

Remote Branch Campus / Industrial

People, places and things Campus / Branch/ Remote

Bangalore, IND Public Cloud

People, places and things

Bangalore, IND Public Cloud

Remote Branch Campus / Industrial

Adv. Persistent Side Channel

Cloud Crypto- Cookie

Remote Branch Campus / Industrial

Protecting Endpoint and DDoS AAS CASB

ZTNA But what about the NETWORK?

Protecting Endpoint and Application has been the focus!

But what about the NETWORK?

Remote Branch Campus / Industrial

Remote Branch Campus / Industrial

Remote Branch Campus / Industrial

Translation Capture business intent, translate to policies, and check integrity

Continuous verification, Orchestrate policies

BYOD VPN Gateway

Bangalore, IND Public Cloud

Connect | Secure | Analyze | Control

Industry Cisco IOS-XE

Campus / Industrial Branch Remote

Source: APJC Enterprise networking analysis

Remote Branch Campus / Industrial

People, places On Prem, DC apps/

Federated Identity, Policy, Visibility & Enforcement

Cisco Identity Service Engine

It’s time to deliver on the brand promise

What Where and APIs

See How Health

Users, endpoints Threats Cvss