Among a flurry of announcements this past week, Cisco Systems Inc. stepped up its Routed Optical Networking infrastructure is designed to simplify the sprawling networks and expanding its Secure Access Service Edge portfolio to help network operations and security operations teams connect users to applications more securely.
That news and more came at the networking giant’s first digital and truly global Cisco Live user conference, one with more than 100,000 attendees, around four times the usual, in more than 200 countries.
Here are what I view as the top five announcements at the event:
Cisco Plus and network-as-a-service
Historically, there was one way to buy network equipment and that was to pay a price and the customer would own the equipment. This created lumpy spending patterns as customers would spend a lot of money year 0 and then a small amount every year for maintenance and then another big amount at refresh. A couple of years ago, Cisco decoupled hardware and software purchasing, which flattened out the curve but there were certainly spikes at refresh time.
This week, Cisco introduces a true network-as-a-service offering where customers would just pay a monthly or quarterly fee for the infrastructure and software. With NaaS, the customer doesn’t actually own the equipment because it’s a true subscription offering.
Cisco Plus extends NaaS to complete solutions with the first one being Private Cloud. Available mid-year 2021, Cisco Plus Hybrid Cloud will include products from Cisco’s network, data center and storage portfolio as well as lifecycle services and third-party storage and software. Businesses can choose the level of service they need and it offers 0-100% utilization commitments upfront. Coming soon will be Cisco Plus SASE.
This should be a real win for customers since it gives them the option of shifting to an operating-expense model and opens the door for them to upgrade and stay current without having to budget huge sums of money every few years. Also, it makes Cisco technology more available down-market or budget-constrained organizations.
ThousandEyes integration across Cisco portfolio
All network management products are focused on monitoring traffic on the internal company network. ThousandEyes was the first to monitor internet traffic and help business understand how the internet is performing across the globe. When the company launched, software-as-a-service vendors used ThousandEyes to help understand how their services were performing and isolate problems.
In 2021, Cisco acquired ThousandEyes with the goal of integrating it across its portfolio. Given that more and more businesses are relying on cloud apps, which use the internet for transport, this seemed like a shrewd acquisition since it would let Cisco monitor the true end-to-end path for apps. At Cisco Live, the company announced the integration of ThousandEyes with the Catalyst 9000 switching portfolio and Cisco AppDynamics Dash Studio.
With the former, customers will receive, at no extra cost, ThousandEyes intelligence in the DNA Advantage and Premier, providing an end-to-end look at network performance where the definition of end-to-end has been expanded to include the internet.
The latter provides customers with a single view of application performance so customer can see up the entire stack – from the network to app layer. Cisco refers to this as “full-stack observability.”
This addresses one of my biggest problems in information technology. Most monitoring and management vendors tout their products help with “mean time to innocence” where the products prove the app issue isn’t the fault of the network. To that, I say, who cares? The focus for IT should not be to point figures but to fix the issue, quickly. ThousandEyes integration across the Cisco portfolio makes that easier to do.
Cisco Duo passwordless authentication to put an end to passwords
When it comes to passwords, there is no good answer. If they’re too simple, users get breached. If they’re too complicated, people forget them and get frustrated having to reset them all the time. If the company is constantly changing passwords, users go to some sort of predictable scheme.
What’s the right answer? How about getting rid of passwords? The new Cisco Duo feature does that. Cisco Secure has introduced infrastructure-agnostic, passwordless authentication.
It simplifies and strengthens authentication for accessing cloud apps, protected by Duo single sign-on that leverages third-party platform biometrics such as Apple FaceID and TouchID and Windows Hello. Bringing together passwordless authentication with Duo SSO lets users put the majority of their passwords into a simplified login experience.
For decades, security pros have been trying to get rid of passwords, but there was never a better way because biometric systems were mediocre at best. The infusion of artificial intelligence into these products has improved biometrics to the point where it can be used for business purposes. The best way to manage passwords is to get rid of them and use something else.
Routed Optical Networks
At first glance, the term “routed optical” may seem like a contradiction because for decades service providers have built a Layer 2 optical network and then a routed Layer 3 overlay. Cisco introduced the concept where the two networks could be converged using a wide range of Cisco technology, including the optics from its recent $4.5 billion Acacia Communications Inc. acquisition, the recently introduced Silicon One chip and a new broadband gateway for telcos.
For the past year, Jonathan Davidson, general manager of Cisco’s Mass Infrastructure group, has been touting how Cisco’s “Internet of the Future” strategy, which enables SPs to converge multiple networks together to create a simple, cost-effective and scalable network.
Although this is a telco-centric announcement, there are implications to business users in that 5G is coming and coming fast. Businesses of all sizes rely on the SPs to deliver faster and more feature-rich networks to take advantage of 5G, cloud, mobility and the “internet of things.” The operational overhead with running networks holds big telcos back. The new routed optical network should enable SPs to deliver much higher levels of service to its customers.
Expanded SASE architecture
Secure Access Service Edge had started heating up pre-pandemic but has exploded as more users headed home and required corporate grade security from their living room. The only way to do this is with SASE as it delivers security from the cloud. At Cisco Live, Cisco expanded its SASE architecture with the ability to purchase all core components in a single offering, as well as soon as a Cisco Plus service.
This includes a wide range of security components such as DLP, browser isolation, malware detection and newly introduced passwordless authentication, as well as Viptela SD-WAN appliances, which now provide cloud integration with Amazon Web Services, Microsoft Azure, Google Cloud and Megaport. Cisco has also included ThousandEyes visibility as part of its SASE offering.
Current Cisco customers can take advantage of this because it enables them to go from their current network to a software-defined wide-area network plus SASE deployment or leave the network in place and implement the security capabilities of SASE first. A year ago, most customers moved from traditional networks to SD-WAN to SASE, but the large number of remote workers has favored the demand for security before network evolution.
We have many years of experience working with Cisco Systems to deliver global and local technical solutions.