The Lippis Report

June 7th, 2011

This paper revisits the benefits of centralized 802.11n wireless LAN networks and describes the case for transforming the controller-based architecture to match market needs. Centralization of wireless LANs (WLANs) delivers networks that are easy to deploy, scale, and manage. A local-mode controller-based campus environment delivers increased device scalability and an interactive multimedia experience coupled with enhanced policy to manage the full range of mobile devices. A controller-based deployment using FlexConnect technology enables multisite, lean branches to manage the increased scale of deployments without additional increase in operational complexity.

May 24th, 2011

By Ted Ritter Senior Research Analyst, Nemertes Research

The data center is undergoing tectonic shifts with virtualization the primary cause. Everything is moving faster within the data center—moving at the speed of virtualization—putting centers into a state of transition from physical to virtual, which can be long, complex and messy. At the same time, security models remain largely static, anchored by physical security devices. Not only does this put the organization at greater risk, it also puts in jeopardy the core benefits of virtualization. To address this, organizations need a security architecture delivering agile security and supporting the physical infrastructure, the virtual infrastructure, and all the transitional states in between the two. This requires a new security model seamlessly integrating existing security controls for physical infrastructure with comparable security controls for the virtual infrastructure. This new model requires virtualization security.

May 24th, 2011

By Nick Lippis, the Lippis Report

IT business leaders are being confronted with a choice: either embrace users’ freedom or liberty to choose a mobile endpoint and applications that they deem appropriate to support their work, or dictate a limited number of supported mobile endpoints and applications in which employees must choose? At the center of this decision are security concerns and control as the number of mobile endpoints connecting into enterprise networks skyrocket. A larger secondary effect is that employees are downloading low cost (99 cents to $4.99) mobile applications, which is changing the mix of corporate application portfolios without IT visibility but user request for support. At the same time, video communications is expanding throughout the enterprise and the endpoints it supports. IT business leaders can avoid this difficult choice and offer users freedom to choose the mobile endpoint and applications of their liking, and still maintain security and control by deploying a Borderless Network. In this industry white paper, we review market dynamics shaping mobile computing plus video communications and how a Borderless Network offers user choice, IT management control and in the process, a more productive and agile workforce.

April 11th, 2011

Written by Jim Metzler for Cisco Systems

The movement on the part of enterprises to adopt a Cloud-based service model combined with the growing interest on the part of IT organizations to provide an internal SLA (Service Level Agreement) for the services they provide creates tremendous opportunities for Communications Service Providers or CSPs. The primary opportunity is for CSPs to offer a wide range of network centric solutions that are supported by an SLA. CSPs are in a unique position to offer these solutions because, unlike the Internet, the Next Generation Networks (NGNs) that CSPs have deployed are capable of providing contracted levels of availability, delay, jitter and packet loss. This paper provides three recommendations for CSPs to capture Cloud-based service revenues.

March 15th, 2011

Cisco recently launched its SecureX architecture that extends perimeter-based network security to secure modern IT, recognizing the huge growth in mobile and cloud computing. SecureX is a multi-layer architecture built upon Cisco’s AnyConnect client, its global footprint in real-time threat intelligence found in SIO (Security Intelligence Operation), Cisco TrustSec, including policy servers of NAC manager and server appliances, ASA firewall and the security enforcement features of its switches and routers. SecureX is an architecture to Cisco’s network security products and service to work together in an effort to create deeper defenses and contain exploit infestation if, and when, they occur. Fundamental to SecureX is the concept of “context aware” policy across the enterprise, including remote endpoint devices, centralized policy creation with distributed security device and network enforcement. SecureX provides for innovation injection points through APIs (Application Programming Interfaces) for management and SIEM or Security Information and Event Management. In this Lippis Report Research Note, we explore SecureX with a focus on how context increases defenses and keeps IT assets safer.

Read the rest of this entry »

March 15th, 2011

By Cisco Systems

According to the Wi-Fi Alliance, about 200 million households use Wi-Fi networks, and there are about 750,000 Wi-Fi hotspots worldwide. Wi-Fi is used by over 700 million people, and there are about 800 million new Wi-Fi devices every year. Cisco has shipped over 10 million access points worldwide. In this white paper, Cisco details how Wi-Fi hotspots are changing to accommodate cellular offload of iPhones, iPads and Android devices.

March 15th, 2011

By Cisco Systems

There are three major trends sweeping through the enterprise: the rapid rise of the consumerized endpoint, the onset of virtualization and cloud computing, and the growing use of high-definition video conferencing. Each of these critical technologies is transforming business—and forcing a fundamental shift in how security is developed and deployed. In this white paper, Cisco describes its SecureX architecture and how it has evolved IT security so that IT leaders can enjoy the benefits of these IT trends securely.

February 28th, 2011

By Cisco Systems

Deploying network services in virtual data centers is extremely challenging. Traditionally, such Layer 4 through 7 services relied on intrusive, inline deployment and static network topologies. They were thus completely at odds with highly scalable virtual data center designs with mobile workloads, on-demand virtual machine (VM) provisioning, and strict service-level agreements (SLAs).

Cisco® Unified Network Services (UNS) addresses all of these problems by creating a framework for multiple services that can be configured and provisioned on demand, dynamically, to suit the service needs of enterprise applications and cloud users. This dramatically reduces network management overhead, allowing for a much more agile data center and business while providing improved application performance and a secure infrastructure. Cisco UNS comprises Cisco’s industry-leading solutions for virtual data centers that deliver.

● Load balancing and application controllers
● WAN acceleration
● Network security
● Network analysis and monitoring

February 14th, 2011

by Cisco Systems

Cisco® Borderless Networks is a next-generation architecture that helps IT evolve its infrastructure to deliver seamless, secure and reliable access in a world with many new and shifting borders. The Cisco Integrated Services Routers Generation 2 (ISR G2) constitute a critical component of the Cisco Borderless Network Architecture and deliver performance requirements for the next generation of WAN and network services, enabling the cost-effective delivery of high-definition collaboration at the branch office, and providing a secure transition to the next generation of cloud and virtualized network services. This white paper discusses the concept of integrated services as they apply to the branch-office router, and how they help to enable the borderless branch office for small- to medium-sized business, large enterprises and service providers offering managed services.

January 31st, 2011

There are powerful market forces changing IT delivery. IT application delivery is becoming increasingly centralized thanks to data center server virtualization plus mobile and cloud computing. Desktops are being virtualized, too, thanks to network speeds that deliver low latency and high bandwidth, creating a thin client user experience that is indistinguishable from a thick client but at lower desktop management cost. One serious implication of this concentration of IT in data centers is that a new IT security model is needed as mobility brings greater threat exposure while virtualization changes traffic patterns and the rules of security appliance placement. In this Lippis Report Research Note, we present a new model for IT security in the virtualized mobile and cloud-computing era.

Read the rest of this entry »

January 17th, 2011

Any IT business leader knows that the single most important technology driving data center design change is server virtualization to the point that a virtual machine (VM) is now the data center building block. As server virtualization marches on until nearly every physical server has been virtualized, networking in a virtualized environment is being forced to fundamentally change too. By networking, I mean not only layer 2 and 3 forwarding but network services too, such as application controllers, WAN optimizes, firewalls, etc., which are fundamental for mission critical application performance, cost reduction and high application availability especially where service level agreements are required.

Read the rest of this entry »

January 17th, 2011

By Cisco Systems

This two-page guide provides information on IPv6 client support without changing applications via using stateless NAT 64.

Learn about IPv6 endpoint support by downloading this guide.

January 17th, 2011

By Cisco Systems

This two-page guide provides information on dual stack IPv4 and IPv6 implementations and its impact from client to network infrastructure.

Learn about dual stacking IPv4 and IPv6 by downloading this guide.

December 13th, 2010

In an effort to offer a multi-vendor SIEM (Security Information and Event Management) solution, Cisco is placing its SIEM product, CS-MARS, in end-of-life and in its place, offering the industry its first SIEM ecosystem. Cisco acquired MARS six years ago in December 2004. MARS provided traditional event management and security monitoring along with limited forensic capabilities and compliance reporting. But the market demanded a broader cross-vendor SIEM solution rather than a SIEM focused primarily on Cisco products. In response Cisco has launched a SIEM ecosystem to support deep event monitoring, forensics and compliance reporting across a heterogeneous enterprise network. IT has also expanded the role of its Cisco Security Manager or CSM to support policy management and troubleshooting across a wider range of Cisco products. In this Lippis Report Research Note, we examine the new distribution of security responsibilities that now stretch across Cisco CSM and its new SIEM ecosystem with an eye toward stronger defense of IT assets.

Read the rest of this entry »