Cisco ACI bring a scalable model to being able to enforce wire rate security on any port to leverage a state checking packet filter for application traffic. Historically this was not viable from a management perspective due to the need to associate every filter with an IP address, which is solved with the group based… Continue reading Security Analytics of an ACI Fabric
Advanced Security Insertion in Cisco ACI
Cisco ACI was built from the ground up with security in mind. Whether it is protection of the fabric itself, whitelist policies and segmentation, or chaining of advanced security services, it is the most flexible system at scale to support a consistent security policy for bare metal, virtualized, private, and public clouds. The dynamic nature… Continue reading Advanced Security Insertion in Cisco ACI
The new security approach in the Data Center
Everything is moving in different directions, at an increasingly rapid rate of change. As new applications are evolving faster than ever, they are adopting more modern application development frameworks. The extension to a multi cloud environment is obfuscating the perimeter, and an entirely new breed of devices is connecting to the network, faster than ever.… Continue reading The new security approach in the Data Center
Monty Python Paradox
I had long thought the Monty Python paradox was simply incorrect. The background of the problem is as follows, “Suppose you’re on a game show, and you’re given the choice of three doors: Behind one door is a car; behind the others, goats. You pick a door, say No. 1, and the host, who… Continue reading Monty Python Paradox
Developing Talent in a Software Defined World
The power of incentives, combined with modern learning approaches, can create a cost effective way to develop our talent pools in an ever changing landscape. I’ve been blessed to work with large organizations with extremely talented resources over the past 20 years. These knowledge workers are the cornerstone of the organizational competencies these companies developed,… Continue reading Developing Talent in a Software Defined World
Macro Segmentation for System Level Hardening
Traditional policy enforcement will be insufficient for the future of clouds and things. We will need identity and attribute based macro segmentation to reduce the attack surface. Key constructs of the next generation infrastructures will be to: Define in Policy Enforce in Infrastructure Automate implementation and audit Segmentation is the construct of taking portions… Continue reading Macro Segmentation for System Level Hardening
IT as the efficiency Engine for the Enterprise
In my past 20 years in the technology industry, I have often seen the back and forth viewpoints on whether IT is a cost center, or a profit center, for the enterprise. There is good reason for this, as it shapes the ongoing investment for the IT environment. The cost center viewpoint views the underlying… Continue reading IT as the efficiency Engine for the Enterprise
Building Blocks of a Software Defined Infrastructure
As software defined networking and SD-Wan technologies begin to reach a state of maturity, the ongoing marketing in the industry is setting the agility and new new capabilities as primary agenda items. And this is for good reason, with a proliferation of services and net new IT requirements, optimizing cost structures and efficiency are key… Continue reading Building Blocks of a Software Defined Infrastructure
Criteria for Selecting an Enterprise Architecture for the Internet of Things
I’ve had the opportunity to be blessed to work with large financial accounts for the last 8 years. A strangely curious problem was presented 18 months ago in evaluating how to interconnect building management systems and newer machine based devices onto the existing network. What was interesting, was that the seemingly simple technical solutions conflicted… Continue reading Criteria for Selecting an Enterprise Architecture for the Internet of Things
Strongedge.io 