New Street Cred for Cisco Security

Postedby John Whalen on December 27, 2013 | 0 Comments

Tags: , , , , , ,

 

Cisco Adds Teeth to its Security Portfolio

 

"With the close of this acquisition, Cisco will provide one of the industry's most comprehensive advanced threat protection portfolios, as well as a broad set of enforcement and remediation options that are integrated, pervasive, continuous and open."

— Cisco, press release

 

On October 1, 2013 Cisco finalized its acquisition of Sourcefire, the most innovative and highly respected intrusion prevention (IPS) firm in the industry. This is great news for Cisco partners and customers. 

With recent platform changes in the Adaptive Security Appliance (ASA) product line, Cisco has demonstrated a renewed commitment and focus in security. Cisco added to the original ASA the capabilities of built-in IPS and web filtering, as well as layer-7 application awareness. As customers reinvest in their perimeter security, the ASA provides state-of-the-art next-generation firewalling. Even so, Cisco sometimes seems to be in confusion of its own overall security strategy. The Sourcefire team will add energy and focus, as well as industry credibility. 

Famous for IPS, Sourcefire has also developed a strategy of making visible all things related to network security. Their newest solutions have centered around next-generation firewalls and malware detection and mitigation. 

For Cisco the benefits of the acquisition lie in the potential melding of Sourcefire’s advanced intrusion prevention system (IPS) and anti-malware technology into its security, network, and wireless solutions. In addition, the talent of Sourcefire’s engineers represents an unlimited brain trust should Cisco be nimble enough and savvy enough to keep them feeling interested and valued. For Sourcefire, a company with a reportedly inconsistent channel strategy and a best-of-breed solution for a declining market (that of standalone IPS), joining one of the industry’s largest and best-capitalized firms will provide a way to port its technology onto new platforms and reach new customers. Though its IPS is outstanding, customers are turning toward next-generation firewalls (NGFW), instead of free-standing IPS solutions. 

Led by CTO and founder, Martin Roesch, Sourcefire has provided IPS solutions for over a decade, while at the same time nurturing the open-source framework of ClamAV anti-virus and SNORT, the most widely deployed IPS in the world. 

 

"As one team, we will provide a broad portfolio of integrated solutions that deliver unmatched visibility and continuous advanced threat protection across the entire attack continuum, allowing customers to act smarter and more quickly – before, during, and after an attack. It’s the new model of security I’ve been talking about for some time."

— Martin Roesch, CTO, Sourcefire blog

 

In many ways, Cisco’s 2007 acquisition of Ironport was handled very smoothly. Cisco seemed to leave the Ironport team—sales, channel and engineering—alone long enough for a successful transition. Today the reputation-based web and malware filtering that Ironport pioneered is present throughout Cisco’s security solutions, while still existing in its pure form in Cisco’s web security appliance and email security appliance. 

Roesch believes that security equals visibility and that with knowledge of what is occurring on the network administrators can accomplish threat detection and mitigation. Today Mr. Roesch has assumed his new position as the vice president and chief architect of Cisco’s Security Business Group. Roesch’s challenge will be to find a way to remain effective and strategic within a very large organization. 

In 2003 Cisco acquired Okena and continued the development of its flagship host-based intrusion product as Cisco Security Agent. In 2005 Cisco acquired Protego and developed its security monitoring product into Cisco MARS. Both products sold well and fit into Cisco’s self-proclaimed strategy of the self-defending network. However, in 2010 Cisco abruptly changed directions and killed both products lines, confounding industry analysts, as well as Cisco channel partners, who championed these solutions, and Cisco customers, who had invested in them. Cisco has been without a clear security strategy ever since. 

Cisco’s opportunity and challenge with the Sourcefire acquisition will be to retain Roesch and his team, and, more importantly, to listen to their ideas and give them the resources they need to innovate, invent and solve the business problem of digital risk management. In a larger sense, if Cisco can seize the opportunity they now have to become a truly strategic security leader, the whole industry will benefit. It is unlikely that every Cisco product will be best-of-breed. However, given its world-wide installed base and loyal customers from small-to-medium business to enterprise, if Cisco can get security right, or even more right, we all will benefit. We are all members of, or are customers of, organizations who depend on Cisco to meet information security threats. Ultimately, it is our data and our transactions which need to be safeguarded, now and going forward.

Next-Generation IPS

The Sourcefire Next-Generation IPS sets a new standard for advanced threat protection integrating real-time contextual awareness, full-stack visibility and intelligent security automation to deliver industry-leading security effectiveness, performance and low total cost of ownership.

Passive intrusion detection (IDS) mode notifies of suspicious network traffic and behavior while inline IPS mode blocks threats. The NGIPS solution can be further expanded with optional subscription licenses to add Application Control/URL Filtering and Advanced Malware Protection.

Next-Generation Firewall

The Sourcefire NGFW includes the world’s most powerful NGIPS, granular application control and advanced firewall functionality in a flexible, high-performance security appliance, bringing together control and effective prevention.

In NSS Labs’ 2012 NGFW Product Analysis Report the Sourcefire NGFW set a new standard in security effectiveness, protecting against 99 percent of all attacks and demonstrating superior performance and total cost of ownership. The Sourcefire NGFW also received top ranking in NSS Labs’ 2013 Security Value Map for NGFW security effectiveness and TCO.

Advanced Malware Protection for Networks

Sourcefire delivers inline network protection against advanced malware with two deployment options: Defend against sophisticated network malware – from the point of entry, through propagation, to post-infection remediation Detect a threat, confirm an infection, trace its path, remediate its targets and report on its impact Extend network protection to cover all threat vectors – endpoint devices, mobile and virtual – by integrating with Sourcefire FireAMP™, maximizing security and minimizing TCO.

0 comments | Read the full post

Prepare or Beware 802.11 AC/AD Wireless- The Next Wave

Postedby Kevin Mayo on December 06, 2013 | 0 Comments

Tags: , , ,

Prepare or Beware

802.11AC/AD Wireless—The Next Wave

 

By Kevin Mayo

Cerium Networks Solutions Architect

 

kevin mayo blog image

Can you believe that it has been almost five years since the industry adopted the IEEE 802.11n standard?  In that time, the wireless networking landscape has undergone tremendous change.  Smartphones and their use on the production 802.11 wireless network is now the norm, and the wireless tablet has become the preferred business networking tool. 

 

Cisco predicts that there will be more Internet-connected mobile devices than people in the world by the end of 2013.  With the stress of 7 billion smartphones and tablets already on the world’s network infrastructure, network providers and their supporting IT administrators must adapt if they are to survive and thrive in this new bring your own device (BYOD) marketplace.

 

Some of the most dramatic changes observed are:

 

  • More than half of the Internet data transmitted worldwide is mobile video. By 2017, this amount is projected to increase to two-thirds.
  • Smartphones consumed 92% of the global mobile data traffic while only making up 18% of handsets globally.
  • In 2011, the average smartphone used 189 MB of data per month. By 2012, their monthly usage went up to 342 MB. By 2017, average smartphone data usage is projected to reach 2.7 GB of data per month.
  • The fastest growth in device adoption over the next five years will be tablets, Cisco says. It predicts a 46% growth year-on-year and data growth more than doubling, by 113% annually.

 

To stay ahead of this mobility trend, manufacturers like Cisco and Meraki have released their new access points supporting the new wireless standard, 802.11ac.  802.11ac is the fifth generation of Wi-Fi, combining the freedom of wireless with the capabilities of Gigabit Ethernet.  Manufacturers like Cisco aim to deliver significant improvements in the number of clients supported by an access point, a better experience for each client, and more available bandwidth for content like video.

 

Some of the benefits of the new 802.11ac standard are:

 

  • More channel bonding from the maximum of 40 MHz in 802.11n now up to 160 MHz or a 333% increase.
  • More multiple input, multiple output (MIMO).  802.11n uses up to 4 spatial streams while the new 802.11ac uses 8 spatial streams.
  • Per access point bandwidth now exceeds 1.3 Gbps.

 

The wireless advancements of 802.11ac could not come at a more opportune time to address the density and bandwidth constraints of the legacy 802.11 Wi-Fi first generation environments. These second generation wireless products also come with a new (MU-MIMO) multiuser MIMO, allowing an AP to send multiple frames to multiple clients at the same time over the same frequency.  With Mu-MIMO, an AP can behave like a wireless switch where with 802.11n, the AP acts as a wireless hub which can only transfer a single frame at a time to all its ports.

 

Another interesting shift with the new standard is in regard to frequency allocation—802.11ac operates in the 5 GHz 802.11a spectrum only. This frequency shift from the b/g bands to now 802.11a only, allows for more non-overlapping channels, in significantly less used contention space, while being backwards compatible with 802.11a/n.

 

However, with all new adoptions and roll-outs of new technology, there are challenges.  If an access point now can deliver 1.3 Gbps, the access point and the network must be able to support 1 Gbps Ethernet link aggregation (port-channeling) to provide non-blocking wire-rate speeds.  And if a network administrator wants to connect multiple 802.11ac access points to the same wiring closet, then uplink aggregation needs to similarly not be oversubscribed so welcome to 10Gbps in your closets.

 

Further, the new 802.11ac access points require Enhanced POE.  Enhanced POE or 802.3atPOE+ are now the minimums to provide inline power over Ethernet to these power hungry units.  If one relies on the legacy 802.3af POE standard, the access point will dynamically shift from 4x4 to 2x2 spatial streams, defeating one of the primary advancements of the new standard.

 

If that were not enough to worry about, there is a silent whisper in the marketplace about the rapid development of 802.11ad.  Depending upon who you talk to, 802.11ad will change everything we know about wireless networking and we might see early market entries as early as late 2014, early 2015.  The future 802.11ad claims to deliver upwards of 7.7 Gbps per wireless access point.  Imagine, your network requires you to deliver 10Gbps wired connectivity to an access point, which then means you need  100Gbps for your upstream connectivity to avoid oversubscription and on, and on, and on. 

 

What is a network guy to do?  Fiber to the desktop and 10G wireless?  Prepare or beware?

 

The advancements in the industry are truly something to behold.  And these advancements mean it’s a challenging and personally rewarding time to be in the networking business.  Stale is definitely not an adjective you can use to describe the nature of IT in this business.

 

As a Cerium Networks Solutions Architect and a Network Designer, I have the following word of advice: Prepare.  We have heard for too many years that we are running out of IPv4 address space and our industry and its leaders need to adopt IPv6.  With now more than 7 billion mobile devices on the Internet, its official, and the IPv4 space is all but exhausted.  If we don’t have our arms around IPv6, our value, the company, and the industry we support will be diminished.

 

If your network is not ready for BYOD and mobility: Prepare.  How are you going to address the speeds and feeds of these new technologies?  How will you power them?  How will you provide back-up power?  And how does this new power grid affect your cooling, ventilation and HVAC?

 

And how robust is your cable plant?  Even if you wanted to adopt 10G, the now shipping 40G, and 100G network connectivity interfaces are gaining adoption.  How to get there: Prepare.

 

The Cerium Networks Team is here to help.  From consulting and design, to implementation and training, Cerium Networks can help you plan, prepare, and execute on your organization’s mobility and networking roadmap. Prepare or Beware.

0 comments | Read the full post

Successfully Deploying Avaya one-X Mobile Lite on Android & Blackberry

Postedby Ken Gaugush on September 12, 2013 | 0 Comments

Tags: , ,

Avaya one-X Mobile Lite significantly improves the end user Avaya Extension to Cellular (EC500) experience.  Providing access to features in a much more user friendly manner.  Avaya one-X Mobile Lite does not require the deployment of a client server, rather simplified user access to EC500 is through an intuitive smartphone app that is freely downloadable from your smartphone store (search “Avaya”).

Avaya one-X Mobile Lite is also available on Avaya Communications Server 1000 to improve the Mobile Extension experience for the user.

onex

If you have EC500 (or Mobile Extension) enabled for your users and are at Avaya Aura Communication Manager 5.2.1 or better (or Avaya Communications Server 1000 7.5 or better), then you are ready to take the next step to deploy one-X Mobile Lite for those users.

Critical to a successful deployment is providing the correct feature access dial string settings (FNE’s or FFC’s) out to your users.  Unsuccessful deployments have expected the end users to populate these settings manually into their smartphones. This has resulted in user dissatisfaction as well as additional help desk calls.  Successful deployments auto-populate these settings.

On the Avaya Support Site download the Administering Avaya one-X Mobile document that is appropriate for your environment.  After familiarizing yourself with the document’s contents, you will note that there is an XML Template that you need to copy into a .txt file.  This is what you will use to auto-populate the settings for your end user’s smartphones.  Note that this capability is not available for iPhone and those end-users will still need to manually populate the settings on their iPhones.  A partial example of what that file looks like this:

code

You’ll want to populate this file with the relevant data (replaces the “xxxx”).  Once the document is complete you can post it to a file server or email it out to the end users requiring the one-X Mobile Lite service.  (Note -- It is advisable to verify the document’s accuracy by first testing on your smartphone, duplicating the end user’s retrieval process)

Improving the end user’s BYOD experience with Avaya one-X Mobile Lite is very easy.  If you haven’t done so already trial it yourself or with a select group of users.  Aside from improving end user satisfaction, a successful deployment will minimize the impact on administration and help desk. 

 

0 comments | Read the full post

Setting up Routing on Windows Server 2012 for Your Labs

Postedby Jason Guel on September 10, 2013 | 0 Comments

Tags: , ,

Keeping up with new technologies is the hallmark of most of us that work in the field of Information Technology. Often to keep up with these new technologies we set up lab environments on a server using virtualization. Of course usually we have to keep these lab environments separate from our production environments but you still want those virtual machines to be able to access the internet to do things such as download and install patches or prerequisites.

This is a tutorial on how you can use Routing in Windows Server 2012 on a Windows Server 2012 host using Hyper-V.

1. Configure your virtual switches:

In your Hyper-v manager under actions click on Virtual Switch Manager. As you can see here we already have a virtual switch set up that is set up as an External Network and uses the hardware NIC to allow outside access.

read more

0 comments | Read the full post

Why You Should Upgrade Microsoft Exchange

Postedby Rob Husted on September 06, 2013 | 0 Comments

Tags:

exchange update blog masthead image2

Microsoft has announced that the 2003 versions of Exchange and Outlook will reach end-of-life on April 8, 2014, meaning that support and security updates will no longer be offered for these products. Small Business Server has already been discontinued.

The writing is on the wall. Upgrading Exchange should be considered an absolute must if you’re still using Exchange 2003. It’s time to make the decision to move forward.

If you continue to use unsupported technology, you have to live with the risks. These risks include greater susceptibility to emerging security threats, and failure to take advantage of new features and services that can enhance business processes and help you operate more cost-efficiently.

Obviously, taking the old “if it ain’t broke, don’t fix it” approach is a risky proposition. Why not begin developing an upgrade strategy now instead of reacting to a crisis later?

Upgrading your servers is not a process that happens overnight. If you begin to plan and budget now, and take the time to learn how you can fully leverage Exchange 2013 to improve the way you do business, you’ll get much more value from your investment.

Making the case to upgrade soon-to-be-unsupported technology is relatively simple. However, you should also consider upgrading to Exchange 2013 even if your system isn’t very old.

That’s because Exchange 2013 offers a number of business-enabling features not available in older versions of Exchange. These features include:

  • Simple, web-based administration for all services

  • Virtualization, which creates significant capital and operational cost savings through server consolidation

  • The Outlook Web App, which enables email access from any device or browser

  • A simplified process for writing, controlling and deploying apps

  • Enhanced security measures to protect business information

  • Data loss prevention, which uses preset rules to monitor and protect sensitive data and alerts users to policy violations

This direct comparison of Exchange 2013 with earlier versions offers a thorough rundown of new and enhanced features and services. Cerium’s Microsoft-certified experts can also help you determine if the latest version of Exchange is right for your business.

If you currently have Exchange deployed onsite, you might also want to explore the possibility of switching to a hosted Exchange platform such as Office 365. A hosted solution moves the messaging infrastructure – and the cost of purchasing, monitoring, maintaining, securing and upgrading that infrastructure – to an offsite service provider. Office 365 is proving to be an appealing option with its cloud-based email and collaboration technology. Look for more about Office 365 in an upcoming post.

Of course, it helps to have a trusted advisor when making these kinds of decisions. Cerium Networks has achieved Microsoft Gold Messaging, Gold Communications and Silver Server Platform Competencies, specializing in Lync and Exchange solutions. This means Cerium is expertly qualified to help companies upgrade their Microsoft Exchange servers, from consulting to implementation to support services.

Let us put this expertise to work so you can take full advantage of the latest features of Microsoft Exchange.

0 comments | Read the full post

Introducing Cisco Meraki MR34

Posted on August 26, 2013 | 0 Comments

Tags: , ,

 masthead for meraki MR34 blog post

Wi-Fi certified 802.11ac products that push maximum data rates up to 1.3 Gbps and operates exclusively in the less crowded 5-GHz band are starting to hit the market and setting the standards for future Wi-Fi deployments. Nearly all new devices will connect only at 5 GHz, and it is an ideal time to start considering your options and planning your 802.11ac strategy.

An excellent place to start your planning is by checking out the Cisco Meraki MR34.

802.11ac and the Cisco Meraki MR34

The Cisco Meraki MR34 is the new standard in wireless. Designed specifically for high density and next generation deployments, it's the world's fastest cloud-managed wireless access point.

Enhancements to modulation, channel bandwidth, and operation at 5 GHz help the MR34 achieve record breaking speeds of 1.3 Gbps, while also providing industry-leading visibility and management.

Channel Bandwidth

The MR34 doubles the size of the pipeline used to transmit data by increasing channel bandwidth to 80 MHz. Wider channels allow 802.11ac to use a larger slice of the limited available spectrum for transmission.

Modulation

Do more in the same airspace previously used by 11n. The MR34 uses enhanced modulation techniques to increase the density of information transmitted to end clients, effectively increasing the efficiency of WiFi signals.

Spectrum

One MR34 radio operates on the less crowded 5 GHz band, enabling the wider channel bandwidths of 802.11ac and avoiding interference of the 2.4 GHz band. The second client-serving radio supports 802.11b/g/n clients on 2.4 GHz.

Auto RF

Auto RF aggregates network-wide spectrum analytics through the Meraki cloud platform to automatically determine access point power levels and channel assignments. The full-time scanning capabilities of the dedicated third radio allow the MR34 to dynamically adjust and optimize the RF environment for connecting clients.

The MR34 integrates seamlessly into existing wireless environments

Upgrading a wireless network has never been easier. The MR34 supports existing 11a/b/g/n clients to make migration simple. Deploy the MR34 to add 802.11ac capacity into an existing WiFi network, and manage everything from the dashboard. Even use existing PoE infrastructure and upgrade to PoE+ (802.3at) when you’re ready to take advantage of advanced third radio security and optimization.

For more information contact your Cerium representative for a discussion and demonstration of the Meraki solution.

0 comments | Read the full post

Continual Product Training is Cerium’s Strong Suit

Postedby Doug Wiest, Inside Sales Representative on August 21, 2013 | 0 Comments

Tags:

image for doug weist blog5

Upon joining the Cerium Networks Inside Sales Team, I was informed of the certifications I must earn from each of our partners. The most in-depth and comprehensive training is by far the Cisco Sales Expert certificate. This certificate is the only one required by our partners that must be taken in person, including a test proctor, which gives the whole ordeal a semblance of the SAT.

The intriguing part of the test is the knowledge that the velocity of technology change is so high! New technologies are becoming obsolete quicker than ever before and most of the things I’ve learned in the test preparation will soon be out-of-date. In spite of this, the networking and hardware designs that Cisco has developed are far more advanced than one’s home consumer network would ever hope to be. As a result, I am now awash in acronyms and buzz-words and furiously scribbling notes in hopes that I will be able to retain all this information for the test.

The point of all this is to ensure that when I am talking to customers, I will be able to stay in the ring and talk at their level. Luckily, technology is hurtling forward at a constant rate for all users, including the customers, such that once I am up to speed, I will only need to learn about new products as they come out in the future. Product knowledge is essential in sales, and the more knowledgeable I am, the easier the sales process will be.

Cerium Networks brings to the table a focus on certifying ALL of their employees, especially those that interact directly with customers. The drive to continue one’s education and deepen the certification path is constant. The immersion experience in the Cerium office serves as a constant reminder that I will never know everything. With everyone on phones talking to customers and colleagues about systems, networks, and devices I sometimes feel like an undergraduate student that walked into a Computer Science department meeting.

The constant education of its people allows Cerium to look to the future. An atmosphere of constant learning gives Cerium an enormous advantage. As a corporation that prides itself on being an innovative, knowledgeable, and responsive partner to its customers, Cerium has developed the ideal design to allow its employees to stay current and ahead of the technology curve.

0 comments | Read the full post

The Driving Force behind a High-Performance Wireless LAN

Postedby Kevin Mayo, Cisco Solutions Architect on August 07, 2013 | 0 Comments

Tags: ,

aironet 3600 masthead4

Having a high-performance wireless LAN in today’s business world is an absolute must. Your wireless LAN needs to be fast, reliable and accessible. It needs to meet the increasing demands of cloud services and BYOD (bring your own device), with laptops, mobile phones and tablets constantly clamoring for bandwidth.

Applications that cause bandwidth bottlenecks — such as streaming video, IP telephony and web conferencing — have made it difficult for many wireless LANs to maintain optimal performance levels. Spotty connectivity, slow speeds and network interference result in wasted time and money … and frustrated users and customers.

The 802.11n standard has helped to address these concerns by improving wireless LAN throughput to at least 100 Mbps. Unlike older Wi-Fi standards, 802.11n is comparable to wired LAN technology and provides the capacity to handle high-bandwidth applications.

802.11n is powered by MIMO (multiple input, multiple output), which uses spatial multiplexing to send and receive data through multiple antennas and radios. This increases bandwidth and provides more coverage, allowing for high-speed connections from 150 feet or more. 802.11n can also improve performance by tapping into more of the wireless spectrum when it’s available.

The Cisco Aironet 3600 Series Access Point (AP) takes this performance a big step further — an improvement of up to 30 percent for any wireless device at greater distances. Cisco Aironet 3600 is the first 802.11n AP with 4x4 MIMO (a fourth antenna) and three spatial streams, which enables that incredible jump in performance along with more capacity and reliability.

Other benefits of the Cisco Aironet 3600 Series AP include:

  • ClientLink 2.0 improves performance on any wireless device, even if it has a weak wireless signal.

  • A flexible design allows for customization and add-ons to suit your specific business requirements.

  • Cisco CleanAir technology protects performance, reliability and high-speed radio frequency (RF) spectrum intelligence for maximum security.

  • Cisco offers support for seamless, fast roaming and Voice over Wi-FI support with IEEE 802.11r, as well as enhanced mobile experiences with 802.11u.

  • Cisco Prime Network Control System and Cisco Identity Service Engine support BYOD environments by simplifying management and bolstering security.

  • The Cisco Aironet 3600 Series AP supports breakthrough 802.11ac technology, a next-generation wireless standard that transfers data at a speed of 1Gbps. Look for an upcoming post about how your business can take advantage of this new standard for wireless connectivity.

Today’s business landscape requires a high-performance wireless LAN. Users and customers won’t settle for anything less. Let us show you how the Cisco Aironet 3600 Series AP meets and exceeds these demands.

0 comments | Read the full post

Why You Need to Upgrade Your Firewall to Next-Gen Cisco ASA

Postedby John Whalen on June 17, 2013 | 0 Comments

Tags: , , ,

asa x

If you have an older security infrastructure with an earlier-generation firewall, your company is in serious danger of being compromised by malware, hackers and Internet criminals. Period.

Today’s more sophisticated threats to enterprise networks can work their way around an aging security system, or simply ride undetected on the never-ending wave of new applications that enter your network. Older firewalls are unable to inspect the data payload of network packets, or distinguish between legitimate business and non-business applications.

The damage caused by modern security threats can be operationally and financially crippling, from data loss and stolen intellectual property to identity theft and shattered customer confidence.

Simply adding layers of security devices and software can hamper performance. If you want to integrate mobile and cloud-based technology into your network and business operations while maintaining control and compliance — and minimizing risk — you need to employ the latest network security.

What can a next-generation firewall do that an older firewall can’t?

BYOD (bring your own device), peer-to-peer applications, real-time collaboration, VoIP, rich media streaming and teleconferencing have created a “wild west” application environment for enterprises. A next-generation firewall can restore order.

A next-generation firewall is able to identify, classify and track applications based on predefined rules and application signatures. It applies deep packet inspection techniques to scrutinize traffic data. Instead of being processed through several engines, packets only need to be examined once, allowing for optimal network performance.

Security is performed on a more granular level with a next-generation firewall. In addition to examining traffic and applications, it monitors individual users, managing each user’s level of access to data depending on their job function. Priority is given to business-critical applications, while wasteful and potentially harmful applications can be limited or even blocked.

Why is the Cisco ASA 5500-X Series the next-generation firewall of choice?

The Cisco ASA 5500-X Series, powered by ASA 9.0 software, has been designed to combat the 100,000-plus threats that emerge every day, delivering end-to-end network intelligence, streamlined security operations and user ID awareness. There are four key reasons to choose the next-generation Cisco ASA firewall:

  1. Proactive Security. Cisco Cloud Web Security and Cisco Security Intelligence Operations protect networks from web-based threats, vulnerabilities, advanced persistent threats (APTs) and other types of attacks.
  2. Comprehensive Suite of Security Services. The Cisco ASA 5500-X Series integrates with today’s cloud-based and software-based security services, and can scale to meet future security requirements. Services include Cisco Application Visibility and Control, Web Security Essentials, Intrusion Prevention System, Botnet Traffic Filter, AnyConnect VPN and Cloud Web Security.
  3. Network Integration. Choose your security deployment options based upon your specific business requirements. Simplify firewall management and optimize protection by integrating the firewall with your network infrastructure.
  4. Performance without Compromise. With 300 percent higher firewall throughput and 60 percent higher VPN throughput than the previous generation, the Cisco ASA 5500-X Series can boost the performance of business-critical network services.

Don’t roll the dice with an older firewall. Take advantage of greater visibility, control and protection by upgrading to a next-gen Cisco ASA firewall.

0 comments | Read the full post

Nine Reasons to Upgrade to Cisco Unified Communications Manager 9.x

Postedby Kevin Mayo on April 24, 2013 | 0 Comments

Tags: ,

9 reasons masthead 2

You know that Cisco Unified Communications Manager (CUCM) provides a solid communications platform for your business — so solid that you might not think about upgrading. It is true that older versions of CUCM will continue to meet basic business needs for many years. However, organizations that put off upgrades are missing out on numerous financial and operational benefits.

Cisco recently released CUCM 9.0, building upon the voice and video enhancements in version 8.6 with a number of exciting features. If you are several releases behind, you have even more to gain by upgrading. Here are nine factors you should consider:

  1. Presence. CUCM 9.0 is tightly integrated with Cisco Jabber, a unified communications application that brings together presence, instant messaging (IM), desktop sharing, conferencing and other features into a single, consistent experience across devices. Presence provides a simple way for mobile workers to easily and securely find the right people, to see if and on what device they are available, and to collaborate using their preferred method or device.
  2. Mobility Features. CUCM 9.0 also provides a consistent mobile experience across both Voice over IP (VoIP) and cellular modes, enabling users to communicate from anywhere and allowing organizations to control telecommunications costs. “Single number reach” improves accessibility and allows organizations to rightsize the number of IP desk phones.
  3. Simplified Reach-abiliity. The Directory Uniform Resource Identifier (URI) dialing feature in CUCM 9.0 allows users to dial using email addresses, improving productivity by making it easier for users to connect.
  4. Videoconferencing on the Go. CUCM 9.0 delivers videoconferences over both Wi-Fi and cellular, enabling users to move videoconferencing sessions between mobile and desk phones.
  5. Advanced Phone Sets. By upgrading from older versions of CUCM, customers can take advantage of Cisco Unified IP Phones with high-resolution color displays and productivity-enhancing features. CUCM 9.0 provides even greater flexibility and choice through interoperability with a variety of third-party endpoints.
  6. Call Queuing. Native queuing functionality and hunt groups provide more granular control over hold times, announcements, Music on Hold, and other telephony features.
  7. Platform Enhancements. CUCM 9.0 builds upon Cisco’s virtualization strategy by providing higher density per CUCM virtual machine. It also centralizes software version management and enables remote upgrades.
  8. Simplified Licensing. Licensing for CUCM 9.0 is based upon user profiles, and license usage and reporting are simplified. The new Enterprise License Manager centralizes license management and provides an at-a-glance view of compliance.
  9. Continued Product Support. Cisco no longer supports products five years after they reach end of life. Several older versions of CUCM are both end of life and end of support, creating risk for customers that continue to rely upon these products. Customers can eliminate that risk by upgrading to CUCM 9.0 now.

Those are just a few of the features and benefits of CUCM 9.0. With enhanced support for today’s mobile workforce and functionality that improves productivity, collaboration and customer interaction, CUCM 9.0 enables customers to gain competitive advantage while reducing complexity and risk.

0 comments | Read the full post