You are here

Cisco Live 2017: The Network of the Future Will Constantly Adapt Based on Context

Cisco unveiled its vision for the future of a hyperconnected world and announced a new security feature to detect malware in encrypted traffic.

Cisco Systems is betting that future network technology not only will be software-defined, but also will reflect the intent of those using and managing networks. The networking giant unveiled a host of new hardware and software solutions centered on the idea of intent-based networking at the Cisco Live 2017 conference in Las Vegas.

During the opening keynote of the conference, Cisco CEO Chuck Robbins expanded on the announcement Cisco made last week about its new networking strategy.

The idea is to give network managers the ability to easily manage their networks and change how the network operates and responds by automating policy, instead of manually changing software to adapt to changing network conditions. Cisco unveiled new programmable switches to help with that effort.

Cisco also announced the first kind of application that can be used with those switches: what it calls Encrypted Traffic Analytics, or the ability to detect if malware is present in encrypted network traffic without decrypting the traffic and compromising security.

A New Approach to Networking Based on Intent

“I do believe that we are at the beginning of a new era,” Robbins said during the keynote. “What we all face ahead of us requires us to think about things entirely differently, and it requires us to deliver a new era of networking with you.”

The world reached an inflection point last year, when, in the third quarter of 2016, more machine-to-machine connections were added than mobile phones, Robbins said. As the Internet of Things expands, businesses can extract greater insights from those connections than ever before through analytics and machine learning. That “will change everything about the future of your organization,” he said.

According to Gartner, there will be 8.4 billion connected devices in use in 2017, and 3.1 billion will be used by businesses. Those are being used to change business models, implement predictive maintenance and drive new revenue streams, Robbins said. Cisco wants to enable that at scale and do so securely, he said.

“We are going to build the secure, intelligent platform off which you can run your digital business of the future,” Robbins said.

The new kind of intuitive network is powered by intent and informed by context. What does that mean? Imagine you are an IT or network administrator and want to deploy a security defense mechanism. The intent-based network would allow you to enter that mechanism once into the network and then have it deployed at scale across hundreds of devices instead of manually scripting and deploying those changes to each device.

Or, as Network World notes:

If a business wants to secure all traffic from accounting, that command is issued and the systems would take care of all the technical details. Network changes are automated and continuous, so if a worker moves, all the policies and network settings follow him or her.

The intent-based network allows IT to “move from tedious traditional processes to automating intent, making it possible to manage millions of devices in minutes — a crucial development to help organizations navigate today’s ever expanding technology landscape,” Cisco states.

Networks also need to interpret data in context to give businesses new insights. Intuitive networks interpret all of the context around data, resulting in better security, a more customized experience and faster operations, according to Cisco.

The new network also provides machine learning at scale using data to drive new insights. The result is a network that can adapt over time based on the intent that is flowing through it.

Cisco Unveils New Switches and Network Security Solution

As part of the announcement, Cisco unveiled the Catalyst 9000 Switching Portfolio, which delivers programmability and performance by innovating at the hardware (ASIC) and software (IOS XE) layers. Robbins said that the switches allow both Cisco and developers to build services on top of them, and support cloud apps, IoT devices and third-party apps at the network edge. The switches also allow businesses to segment different kinds of networks.

The Catalyst 9000 switches were used to build the new Encrypted Traffic Analytics tool. Cisco notes almost half of cyberattacks are hidden in encrypted traffic, and that figure keeps growing. Using Cisco’s Talos cyberintelligence and machine learning to analyze metadata traffic patterns, the network can identify the fingerprints of known malware threats even in encrypted traffic, without decrypting it and compromising users’ privacy. Cisco says the solution can detect encrypted traffic with up to 99 percent accuracy, and with less than 0.01 percent false positives. The software, which will be offered as a subscription service, is currently in field trials with 75 customers, Robbins said last week.

Another element of the new network approach is DNA Center, a centralized management dashboard that gives IT teams an intent-based approach to network spanning design, provisioning, policy and assurance. The dashboard gives IT full visibility and context across the entire network, allowing demonstrators to centralize management of all network functions. 

The intent-based network also provides Software-Defined Access (SD-Access), which uses automated policy enforcement and network segmentation over a single network fabric. The goal is to simplify network access for users, devices and things.

SD-Access automates day-to-day network tasks such as configuration, provisioning and troubleshooting, cutting the time it takes to adapt the network. It also makes it easier to resolve issues in hours instead of weeks, and can reduce the impact of security breaches. Cisco says that initial analysis with its SD-Access field trial customers and through internal testing has shown that the solution reduces network provisioning time by 67 percent, improves issue resolution by 80 percent, reduces the impact of security breaches by 48 percent and increases operational expense savings by 61 percent.

This will allow service providers to offer value-based services to their customers, Robbins said, and Cisco plans to take this approach to building service provider networks.

The new solutions, Robbins said, will allow businesses to address a multitude of issues they are dealing with “in order to bring all of this value to life.”

Read articles and check out videos from BizTech coverage of Cisco Live 2017 here

Cisco
Jun 26 2017

Comments