Welcome to the Sentinel Blog!
We are proud to feature a carefully curated collection of articles and other content related to the most important technology topics of today and beyond. Our posts are composed and edited by Sentinel’s ALWAYS ENGAGED team of solutions architects, engineers, project managers and other subject matter experts.
Protect Your Local Government and School District from Cyber Attacks
By Dr. Mike Strnad, Sentinel Strategic Business Advisor
As the number of cyber attacks continues to rise, small towns, districts, and municipalities have become just as likely to be targeted by hackers as larger cities. For every massive security breach that's taken place in a major metropolitan area like Baltimore and Atlanta, there have been many more in areas like Lake County (Indiana), Fargo (North Dakota), and Naperville (Illinois).
The local governments and school districts in these smaller cities and towns are easier targets because they often don't have the proper budget or personnel to properly protect their sensitive data. It's how 51,000 students and staff from the Indian Prairie School District all had their personal information exposed in a recent breach. That’s just one recent example from the thousands of ransomware and other cyber attacks that have taken place in the first half of 2019.
The fallout from these security incidents tends to be catastrophic on multiple levels. In a ransomware situation, many government and educational institutions wind up paying exorbitant amounts to regain access to their encrypted data. This is money they don't have or that's already earmarked for other things intended to benefit local citizens and students. Plus, it helps ensure they can't afford to spend additional capital on quickly improving their security posture for the future. People also expect their personal information to remain safe in the hands of a government or school district, so when a breach occurs and that information gets stolen, it marks a significant violation of trust that's nearly impossible to recover.
Sentinel wants to equip your organization with the right training and solutions to fend off cyber attacks and avoid breaches. It starts with our Advisory Services team, who can run assessments and tests to uncover the gaps or weak points within your environment. We also offer security training for employees, because so many attacks succeed due to user error. These are relatively inexpensive ways to improve your security posture.
The Sentinel team has more than 2,300 technology certifications, many of them in the security field. We also specialize in government, education, and healthcare organizations no matter how large or small they might be. In addition to our many security solutions, Sentinel also offers 24x7x365 security monitoring through our Security Operations Center, plus network monitoring, maintenance, and support via our Network Operations Center. Our goal is to ensure customers can innovate and achieve growth while keeping their data, employees, and other assets safe.
If you are interested in learning more about Sentinel’s Advisory Services or SecuritySelect offerings, please contact us!
The Importance of Identity Management and Two-Factor Authentication
By Mark Combs, Sentinel Strategic Solutions Advisor
If your organization is looking to either refresh or expand its security posture, identity management is the perfect place to start. A lot of companies have either already invested in Microsoft Office 365 or are planning to transition into Office 365, and if you fall into either of those categories I hope you have some sort of two-factor authentication in place. Leverage your Microsoft tools and investments with a two-factor authentication product like Duo for proper identity management. If you don’t, it’s not a matter of if a breach will occur within your environment, but when. You are 100% going to get your email accounts compromised at some point in time. It’s just going to happen. Insider threats are just too great. One of your users will accidentally click on a phishing attack or have their password stolen. Passwords like Summer2019 or Winter2018 might meet most password complexity requirements, but they’re easily guessable.
As part of a standard Sentinel pen test, I download billions and billions of usernames and passwords from the dark web. They’re out there and available to just about anyone if you know where to look. Most people use the same password across multiple accounts for things like Google Docs, their online banking portal, and their corporate network. Users are relying on the security of those companies to keep that information safe. But maybe you download a white paper from a questionable site and it leads to your account getting compromised. Your passwords get leaked onto the dark web and wind up in my database. During the pen test, I can search through customer names on the database, and find their email and password. Maybe their password was abc123, then abc1231, then abc1232, and that’s clearly a pattern, right? So even if the compromised passwords listed on the database are no longer current, it’s not difficult to come up with ideas as to what the newest password might be. I’ve been extremely successful in pen tests only using that dark web password database to gain access into Outlook web accounts. Once I get into someone’s Outlook web account, I can then look at other protected sites they visit and reset those passwords because the “Forgot Password” link gets sent to the email account I’ve already gained access to.
Even when Sentinel does something like an Active Directory assessment, we’ll still check to see how many user passwords for Active Directory have been compromised. Recently we completed an Active Directory assessment for a school district where we walked in on the first day and were able to access 15,000 user accounts using the stolen password database. So we essentially had 15,000 different paths to try and figure out how to move laterally through their network. As another example, I did a pen test recently at a small company where the head of Human Resources was also the Chief Financial Officer. So she was dealing with highly sensitive information on a daily basis. Her password was listed in the stolen password database. Once I got into her account, it was pretty much game over for the entire company just because of all the access it gave me.
These and many more reasons are why secure identity management is so incredibly important. If your organization uses two-factor authentication, it provides a second line of defense against stolen passwords and requires users to approve account logins via a separate device such as a personal smartphone. A user can decline to authorize a login via their device and prevent an attacker from gaining access to their account. That same user can then change their password to ensure the attacker can no longer continue to exploit it.
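The guessable patterns described above (Summer2019, or abc123 followed by abc1231 and abc1232) can be screened for when a user sets a new password. The following is an added example, not Sentinel's tooling; the breached-password list, the function names, and the "stem" rule (strip the trailing digits and symbols) are assumptions made for illustration.

```python
import hashlib
import re

# Season or month name followed by a 2- or 4-digit year and an optional symbol,
# e.g. Summer2019 or Winter18!
SEASONAL = re.compile(
    r"^(spring|summer|fall|autumn|winter|january|february|march|april|may|june|"
    r"july|august|september|october|november|december)(\d{2}|\d{4})[!@#$%*?.]?$",
    re.IGNORECASE,
)
MIN_STEM = 3  # ignore stems too short to be meaningful

# Constructed sample of leaked passwords for one user (not real data).
SAMPLE_BREACHED = ["abc123", "abc1231", "Winter2018"]


def digest(text):
    """SHA-256 hex digest, so the index never holds plaintext passwords."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def stem(password):
    """Lower-case the password and strip its trailing run of digits and symbols."""
    return re.sub(r"[\d\W_]+$", "", password.lower())


def build_index(breached):
    """Index leaked passwords by exact value and by stem."""
    exact, stems = set(), set()
    for pw in breached:
        exact.add(digest(pw))
        s = stem(pw)
        if len(s) >= MIN_STEM:
            stems.add(digest(s))
    return {"exact": exact, "stems": stems}


def screen_password(candidate, index):
    """Return the reasons a candidate password should be rejected (empty if none)."""
    findings = []
    if digest(candidate) in index["exact"]:
        findings.append("breached-exact")
    else:
        s = stem(candidate)
        # Same stem as a leaked password: only the trailing counter or year changed.
        if len(s) >= MIN_STEM and digest(s) in index["stems"]:
            findings.append("breached-variant")
    if SEASONAL.match(candidate):
        findings.append("seasonal-pattern")
    return findings


if __name__ == "__main__":
    idx = build_index(SAMPLE_BREACHED)
    for pw in ["abc1232", "Summer2019", "Winter2019", "correct-horse-battery-staple"]:
        print(pw, screen_password(pw, idx))
```

A check like this complements two-factor authentication rather than replacing it: it removes the easiest guesses, while the second factor covers passwords that leak later.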
If you are interested in learning more about how Sentinel’s penetration tests, security assessments, and two-factor authentication solutions can help protect your organization, please contact us for additional information.
Sentinel's August Event Calendar
Sentinel’s “Always Leading” approach means that we keep a close eye on trends and new developments throughout the IT industry and pass that knowledge along to our customers so they can make the most informed decisions when it comes to their technology investments.
One of the ways we like to keep our customers educated is by hosting events. Not only do events provide an opportunity to learn more about a specific topic or solution with some of our experts, but they also allow us to get to know our customers and their needs better while building a stronger relationship. No matter if you’re a long-time Sentinel customer or are brand new to us and have never attended a Sentinel event before, we’d love to see you! Here are some fun and interesting events we have coming up over the month of August. Please visit the Events page on our website or click the individual event links below if you would like to learn more and RSVP!
Wednesday, August 14
SD-WAN and Cisco DNA Lunch and Learn [Register]
We're very excited to host a lunch and learn for our Chicago area customers at Gibsons Steakhouse in Oak Brook, where there will be a special presentation and demo focused on SD-WAN and Cisco DNA.
If you're not already familiar with SD-WAN (software-defined wide area network), now's the time to start learning more! It's become an increasingly popular solution for organizations eager to build a next generation network able to accommodate the complexity and high demands of today's cloud, application, and mobile-centric environments. SD-WAN can simplify the management of your network, improve the overall user experience, and increase security, all while lowering operational costs.
SD-WAN plays a central role in Cisco DNA (Digital Network Architecture), which is an open, software-driven platform designed to learn and adapt as the needs of users and the business change. It combines policy, automation, artificial intelligence, and analytics to simplify and scale operations as needed while protecting against attacks and the steady decline often associated with similar software. The goal is to unlock the full potential of your network and foster growth and innovation for the future.
Tuesday, August 20
Multicloud Topgolf Event [Register]
Many organizations are still just getting started on their cloud journey, so the mere idea of multicloud probably seems like things are going too far, too fast. We totally understand that, and want to help provide some clarity and insight into the world of multicloud with a fun event for our Chicago area customers at Topgolf in Naperville.
If your organization has more than one public or private cloud deployment from different vendors (for example, AWS and Azure), then you're already working from a multicloud environment. Some Software as a Service (SaaS) solutions such as Office 365 and Salesforce also have their own separate clouds as well. So how do you manage and secure multiple clouds while maintaining compliance and financial control? How can tools like automation help create additional visibility into your overall infrastructure? Sentinel experts will explore this topic in-depth so you can find the right path to streamlining and optimizing your cloud operations.
Thursday, August 22
FlashStack Converged Infrastructure Webinar [Register]
Sentinel partners Cisco and Pure Storage teamed up to create a new converged infrastructure solution called FlashStack. We're very excited to host a webinar so our customers from around the country can learn more about this highly agile and innovative platform. FlashStack essentially takes some of the best features from Pure Storage and Cisco (computing, network, all-flash storage, virtualization) and combines them into a single, integrated architecture that improves time to deployment while lowering costs and deployment risk. If you're looking to transform your infrastructure with a streamlined and flexible solution that fully supports all types of applications and cloud services, definitely join us for this one!
Of course, if you're unable to make any of these events due to timing or location, please don’t hesitate to contact us if you'd like additional information.
A Closer Look at Tetration
By Mark Combs, Sentinel Strategic Solutions Advisor
One of the hottest topics discussed at Sentinel’s Security and Multicloud Summit last week was tetration. In case you’re not familiar, tetration provides workload protection for data centers, cloud, and multicloud environments through the use of segmentation. It gives IT departments greater visibility throughout their infrastructure, enabling them to reduce the attack surface, detect software vulnerabilities, and identify security incidents faster. Here’s more information from Sentinel Strategic Solutions Advisor Mark Combs:
Tetration plays an important role when troubleshooting within your environment. Say you work at a healthcare organization and they’re having an issue with the Epic medical records system that quickly becomes a crisis. An Epic server is talking to who knows how many different network servers. You don’t know if it’s just this one Epic server talking to this one database, or if it’s a larger network issue. Thanks to the application dependency and mapping tools that are part of tetration however, you can figure out exactly which workflows are talking to which servers, which helps with troubleshooting. So whether you have an Epic issue or a database issue, you’ve got a better idea of what’s causing slowness or other complaints about an app.
The primary purpose of tetration is to help with security throughout your environment. One of our customers recently went through a ransomware attack. Every domain controller and all their backups were completely encrypted by this dangerous ransomware known as Ryuk. But the attack actually originated with a phishing attempt using malware known as Emotet. A user opened up an email attachment that looked normal, and didn’t even know they had been infected. Once Emotet had access to the user’s system, it began to set up secure tunnels over SSH and 443. Once those outbound connections had been built, it downloaded the Ryuk ransomware onto multiple PCs and spread laterally to encrypt the entire network from there. Since we’re all well past using Windows 3.1 where there was file sharing or mapping drives between PCs, there’s no reason why a laptop should be mapping server message block (SMB) shares to other machines. We use file servers and cloud for those things today. Tetration detects those sorts of anomalies on your network and stops them from spreading. If our customer had a product like tetration, maybe one or two of their servers would have gotten encrypted, but the Ryuk ransomware wouldn’t have been able to spread laterally. The damage would have been very controlled and mitigated in that aspect.
It is one thing to be able to see which server is talking to which workflows on your network, but tetration also offers insight into a number of other areas: What process owns what port? What is the root cause of a specific network communication? Who installed that software? Why is that software running there? What is that software’s purpose? Does this process need to be talking to this server? These are the sorts of things that can start a discussion and lead to network and infrastructure improvements. If nothing else, tetration is useful as a tool to better understand what is happening inside your organization.
Tetration is not just limited to on premise environments; it extends into the cloud too. No matter the location of your infrastructure elements, they need to communicate with one another and you need to be able to access your workloads. There could be portions of your on premise environment that have no business talking to your workloads in the cloud. Would you notice that? It’s a problem if you don’t know that someone is spinning up a bunch of virtual machines (VMs) in your environment automatically. Use tetration to gain greater clarity and control throughout your environment, so you can uncover and stop any issues or attacks before they have the chance to cause significant damage to your organization.
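The anomaly described in the ransomware example above, laptops opening SMB sessions to other laptops after an outbound SSH tunnel is set up, can be written as a rule over network flow records. The following is an added example, not Cisco Tetration code or Sentinel's; the subnet plan, the fan-out threshold, and the flow records are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed address plan (assumption): which subnets hold which role.
ROLES = {
    "workstation": [ipaddress.ip_network("10.20.0.0/16")],
    "server": [ipaddress.ip_network("10.10.0.0/16")],
}
SMB_PORT = 445
SSH_PORT = 22
FANOUT_ALERT = 3  # distinct workstation peers over SMB that count as spreading

# Constructed flow records: (source IP, destination IP, destination TCP port).
SAMPLE_FLOWS = [
    ("10.20.1.15", "10.10.0.5", 445),     # laptop -> file server: expected
    ("10.20.1.15", "203.0.113.50", 443),  # laptop -> internet HTTPS: expected
    ("10.20.1.23", "203.0.113.77", 22),   # laptop -> internet SSH: unusual
    ("10.20.1.23", "10.20.1.40", 445),    # laptop -> laptop SMB
    ("10.20.1.23", "10.20.1.41", 445),
    ("10.20.1.23", "10.20.2.7", 445),
    ("10.20.3.9", "10.20.3.10", 445),     # a single peer-to-peer SMB flow
    ("10.10.0.5", "10.10.0.9", 445),      # server -> server: not covered by this rule
]


def role_of(ip):
    """Map an address to its role; anything outside the plan is 'external'."""
    addr = ipaddress.ip_address(ip)
    for role, nets in ROLES.items():
        if any(addr in net for net in nets):
            return role
    return "external"


def find_anomalies(flows):
    """Flag workstations that speak SMB to other workstations or SSH to the outside."""
    smb_peers = defaultdict(set)
    ssh_out = defaultdict(set)
    for src, dst, dport in flows:
        if role_of(src) != "workstation":
            continue
        dst_role = role_of(dst)
        if dport == SMB_PORT and dst_role == "workstation":
            smb_peers[src].add(dst)
        elif dport == SSH_PORT and dst_role == "external":
            ssh_out[src].add(dst)

    alerts = []
    for src in sorted(set(smb_peers) | set(ssh_out)):
        peers = sorted(smb_peers.get(src, ()))
        tunnels = sorted(ssh_out.get(src, ()))
        if len(peers) >= FANOUT_ALERT:
            severity = "high"    # one host reaching many peers: lateral spread
        elif peers:
            severity = "medium"  # peer-to-peer SMB that should not exist at all
        else:
            severity = "low"     # outbound SSH only: worth a look
        alerts.append({
            "src": src,
            "severity": severity,
            "smb_peers": peers,
            "ssh_external": tunnels,
        })
    return alerts


if __name__ == "__main__":
    for alert in find_anomalies(SAMPLE_FLOWS):
        print(alert)
```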
If you would like to learn more about tetration and how Sentinel can help keep your environment secure, please contact us.
A Preview of Sentinel's 2019 Security and Multicloud Summit
This Thursday, Sentinel and Cisco will be hosting a security and multicloud summit for our customers at Arlington International Racecourse in Arlington Heights, IL. A few of Sentinel’s subject matter experts will be on hand to share details about the latest security innovations and trends designed to keep users and sensitive data safe. Those in attendance will also have the opportunity to learn more about multicloud and how it can help foster business growth in new and exciting ways.
There will be a Q&A portion so people can address any specific technology needs or concerns they might have, as well as a “Vendor Row” where partners including Cisco Security, Meraki, Attivo, Cloudian, and Varonis will have tables with information and maybe even a few giveaways. It’s one of our biggest events of the year, and we hope you can join us! If you’re unable to attend or simply need a little extra motivation to RSVP at the last minute, here’s a preview of some things we’ll be talking about:
Cloud adoption continues to accelerate for businesses of all types. Interest in Infrastructure as a Service (IaaS) is expected to grow more than 25% over the next five years, while overall public cloud investments will increase by 18% across the globe during that same time period. As public cloud spending balloons to around $370 billion, around 40% of that will go toward various different Software as a Service (SaaS) solutions such as Salesforce and Dropbox. Multicloud is simply when you have portions of your environment hosted in more than one type of cloud or through more than one cloud vendor. For example, if your IaaS is hosted via AWS and your Office 365 is hosted via Azure, that qualifies as a multicloud environment.
When organizations invest more in public cloud services such as IaaS they also need to ensure the data and workloads being stored there stay secure. Gartner has adopted the term “cloud workload protection platforms” (CWPP) to describe these emerging security solutions designed specifically for public cloud IaaS. Cisco Tetration and Microsoft Azure Security Center are two examples of CWPPs, which provide enhanced visibility and control management across all types of cloud and multicloud environments. Overall CWPP capabilities vary depending on the specific vendor, but most include system hardening, host-based segmentation, system integrity monitoring, vulnerability management, and application whitelisting.
No matter where your organization is at currently with its cloud or multicloud posture, Sentinel wants to help ensure you have the right solutions to optimize and secure your environment. Our Advisory Services offer a variety of cloud-focused engagements designed to keep your IT team on the path to growth and success, including strategy development, readiness assessments, workload consulting, governance reviews, as well as security analysis and training. Many of these things can be tied to Sentinel’s Advisory Impact Methodology (AIM), a four-step approach focused on aligning technology with business processes to achieve specific goals.
This is just a quick snapshot of what to expect at Thursday’s security and multicloud summit. If you’re planning to attend, we’re excited to see you! It’s going to be a very fun and informative day. If you can’t make it to the event but are interested in learning more about the latest developments in security and multicloud technologies, please contact us for additional information.
Cisco Live 2019: Highlights From Sentinel CTO Robert Keblusek
By Robert Keblusek, Sentinel Chief Technology Officer
Just about a month ago I was fortunate enough to attend not just one Cisco event, but two (actually three, sort of). I joined a small group of partners for the Global Cisco Partner Technical Advisory Board (PTAB) and attended Cisco Live. The third event was a breakout within Cisco Live called the Partner Experience hosted by John Moses, the new Americas Partner Leader.
These were all great events that clearly demonstrated to me that Cisco really has an impressive vision and a customer-centric focus. During the week, I took the time to track many announcements from Cisco Live and captured a number of trade publications covering the event. From those publications, I created the word cloud to the right, featuring the top words published and indicating where a lot of the excitement was at Cisco Live 2019.
It is an exciting time for IT. Business driven outcomes, cloud computing, IoT, and much more are changing the way we do business and what we’ve come to expect from our technology. Spending a couple of weeks with Cisco leaders, our customers, and our partners was a great experience and reiterated the great opportunities we all have ahead of us.
A standout topic was strong momentum around networking, with a particular focus on DNA (digital networking architecture), intent-based networking, and SD-WAN. Cisco has been re-inventing networking for the past couple of years and has created world-class software-defined solutions from the data center through the enterprise, wireless, WAN and even cloud. Cisco combines industry-leading hardware and ASICs with software and cloud controllers focused on providing the best service experience within their domain (wired, wireless, data center, WAN and cloud for example). DNA Center has advanced to a very powerful network controller for the enterprise and Cisco demonstrated Artificial Intelligence coming this fall to software-defined (SD) enterprise networking that offers real business value leveraging years of networking experience to create a dynamic and self-optimizing network experience. AI-powered enterprise networking is scheduled to be available this fall with a software release for SD networking customers running Cisco DNA. If you have not seen the value of DNA yet, please reach out to Sentinel for a demonstration and DNA strategy session for your organization.
Cisco is also changing the game with SD-WAN services. They have combined a number of different strengths to turn their Viptela SD-WAN solution into a highly secure, intelligent WAN experience with a cloud and data center edge. Cisco’s SD-WAN now uses containers to run Snort IPS (intrusion prevention) powered by Cisco Talos threat intelligence. I see the WAN edge changing dramatically, which is also the primary reason for the incredible number of enterprises making SD-WAN decisions in 2019 and 2020. Cloud and SaaS are driving completely different traffic patterns, and the best user experience no longer benefits from backhauling traffic through the data center to access cloud-delivered services. This creates security challenges by forcing organizations to manage the new traffic and cloud hop off at the edge. Cisco has addressed this with their secure SD-WAN solution. Not only have they put in a strong, centrally managed firewall with Viptela and powered by Talos, but they have also combined this with Umbrella, one of their hottest security products. Cisco now offers hybrid security with Umbrella where customers have the option to secure at the edge, use the edge for east/west visibility, leverage Umbrella DNS services such as blocking and category filtering, but also use Umbrella capabilities as a secure internet gateway (SIG) and even a cloud firewall. No other vendor has such a powerful combination of tools to protect its SD-WAN customers.
For the data center, Cisco announced a number of advancements with its ACI (application centric infrastructure) offering. An exciting demonstration showed how ACI extends from your data center to leading public cloud providers Microsoft Azure and AWS. ACI is already a powerful policy centric infrastructure in the private data center, but now you can extend ACI to public cloud environments and create a true hybrid experience.
Bringing Networking Together
Over the last couple of years one of the top questions customers have asked me is, “Why so many controllers?” Normally I’d say that Cisco wants to have best-in-class SD controller-based networking for each purpose, which is true. But the proper answer has also been a bit more complicated than that, at least until now. Cisco announced that they have started providing multi-domain services driven by APIs. This will be available to customers who have invested in Cisco as their software-defined networking partner. There is an excellent blog from Cisco about this that I highly recommend reading. It describes the details behind this illustration below.
Sentinel is working with Cisco and our customers now to help define their journey to multi-domain software-defined services. If you have not already seen Cisco’s controller-based networking solutions and do not have a roadmap to an SD networking future, I encourage you to reach out to Sentinel for help and a roadmap for the future of networking.
Software-defined networking along with APIs has paved the path forward for programmable networking and automation. An example of this is Cisco’s inclusion of Artificial Intelligence (AI) in Cisco DNA SD networking coming this fall. A powerful demonstration of their networking AI in action was part of the Cisco Live keynote presentation. If you missed it, I recommend reading this blog to learn more about Cisco’s AI powered SD networking.
This is only one example of using software and intelligence to build a smarter network that increases business value and decreases operational costs. With this new programmability and APIs, more organizations will be looking to integrate applications and outcomes to the networking experience throughout their networks and multi-cloud services. Cisco launched a new DevNet program and certifications that mirror their existing mature networking certification program. In addition, Cisco announced a new community-based developer center called “Automation Exchange” to accelerate network automation via programmability.
The future of network engineers will require experience with programmability. I think most IT departments should use a “three strikes and you automate” policy as a consideration for introducing automation to your networking experience:
+ The first time you do something, you just do it manually.
+ The second time you do something similar, you wince at the repetition, but you do it anyway.
+ The third time you do something similar, you automate.
If you leverage Cisco’s DevNet training, certifications, community site, and code repository, this is far more attainable than ever before. Not only can you automate your networking tasks, but Cisco has also shown how they can use years of experience to baseline a network and use software to not only identify anomalies, but actually take action. In addition, your organization might achieve some creative business outcomes as a result of software-defined networking.
A good example is a project Sentinel worked on with a customer for their Meraki network. The customer wanted to find out the most popular areas where users were connecting to and spending time on their WiFi network. This helped them determine which spots would benefit most from new wireless network investments, and which ones might not be worth the cost. Sentinel was able to use the SD networking platform and API development to deliver this solution and provide business insights that were previously unavailable. This is just one example. What could SD networking make possible in your business landscape?
Cisco’s acquisitions over the past three years have resulted in an end-to-end security architecture, and that really took center stage at the SD networking presentations as well as throughout the entirety of Cisco Live. IT teams are struggling to deal with the extensive amount of security information generated from security products, networking equipment, servers, endpoint protection, and more. Not only has uncovering security anomalies become as challenging as finding a needle in a haystack, but the speed at which modern attacks monetize themselves has forced IT teams to seek automated rapid threat responses from the cloud, through the network, and at the endpoint.
Cisco is one of the only providers bringing security together for a cohesive solution within their product portfolio. These products share information and add context to the security experience – from email through the network to the endpoint and the cloud. This layered approach continues to analyze files, traffic, networking information, and more, and compare it to Cisco’s world-leading threat intelligence powered by Talos. The sharing of event details with threat intelligence, policy information across products, and identification of threats allows for policy enforcement that does not require manual intervention. For example, a threat might slip through email security but be detected by Cisco’s AMP for Endpoint. Threats are automatically blocked by Cisco ISE, Cisco Firepower Threat Defense (next-generation firewall), and/or Cisco Umbrella (DNS security and secure internet gateway SIG).
No other vendor has such a complete, end-to-end security architecture able to meet most enterprise needs. Plus, Cisco is combining these with smart purchasing options such as their new security choice enterprise agreements. To find out if Cisco is the right architecture for your security needs, reach out to Sentinel for more information and embark on a roadmap discussion to modernize your security architecture.
Internet of Things
While cloud consumption and Software as a Service (SaaS) are driving new traffic patterns and creating new security challenges, IoT has also had a major impact on the needs of the modern network. Smart and dynamic segmentation is required throughout the network, WAN, data center, and cloud to support different traffic and security needs. It is clear that IoT has had a huge impact on consumers from mobile devices to smart homes, but enterprises are also dealing with the impact of massive IoT growth that is not slowing anytime soon.
As we address the challenges of smart and dynamic segmentation of the LAN, WAN, data center, and cloud with software-defined technology powered by machine learning, so must the network adapt to include non-traditional compute devices. Modern industrial machinery, SCADA networks, medical devices, smart utilities and building systems, and much more are all dependent on the network today. Security is at the forefront of these critical systems as the number of IoT devices we depend on continues to grow at an exponential rate.
Cisco has been actively adding intelligence to their software-defined networks and the multi-domain controller technologies to ensure that IoT information and context gets treated appropriately and passed through the network end-to-end. An example of Cisco innovation is their recent acquisition of industrial IoT (IIoT) security and management firm Sentryo. Sentryo will bring asset inventory, network monitoring, and a threat intelligence platform designed to secure Industrial Control Systems (ICS) and SCADA networks. Sentinel has recently seen an uptick in customers from the industrial and other sectors that require SCADA network and security assessments. When combined with Cisco’s intent-based networking and end-to-end security architecture, Sentryo provides a strong platform to enhance security for industrial networks tied into Cisco DNA. In addition, the threat intelligence of Talos provides an opportunity for Cisco to enhance the capabilities of Sentryo by giving them access to one of the world’s leading threat intelligence organizations, thereby increasing the capabilities of the platform.
Cisco also announced new ruggedized heavy duty series Catalyst switching, wireless, and SD-WAN offerings at Live 2019. For rugged use cases, these products offer the same DNA advantages mentioned earlier in this blog but are ready for industrialized environments with extreme conditions. Lastly, Cisco enhanced their edge compute/data service options with a new network-integrated edge compute that supports docker container services on IoT edge devices.
It is a very exciting time to be a Cisco partner and the transitions in IT are coming faster than ever, changing how IT has traditionally provided services. Unfortunately I couldn’t cover everything in this blog. There were other exciting announcements surrounding multi-cloud services, 5G, Cognitive Collaboration, customer care, and much more. Organizations expect their technology to be secure, trustworthy, reliable, and easy to use. Intelligent automation is the quickest and simplest way to support these modern digitization efforts.
Powered by software, Cisco has reinvented networking while providing the strongest end-to-end security architecture available. Gone are the days of highly skilled individuals manually configuring individual network devices. These skills are still necessary, but are now augmented by automation, development, machine learning, and AI. Cisco is leading the way. If you have not looked at Cisco lately, you should. Contact Sentinel and request a briefing. I know you will like what you see.
Frequently Asked Questions: Multicloud and SD-WAN
by DJ Coluzzi, Sentinel Product Manager for Managed Services and Cloud
What is multicloud?
Multicloud is when an organization uses multiple different cloud services. For example, you might have Infrastructure as a Service (IaaS) deployed via AWS or Azure working in combination with Microsoft Office 365 or Salesforce, which are their own individual cloud services. A lot of people think of multicloud as just investing in both AWS and Azure, but they forget that Office 365, Dynamics ERP, and other types of Software as a Service (SaaS) platforms fall into that category as well. All of those different pieces have to be taken into account when you’re making changes to connectivity, security, operations, and such within your IT infrastructure.
What types of organizations would benefit most from multicloud adoption?
In all honesty, pretty much everybody. Even with Sentinel’s smaller customers we see people who are using multiple types of business applications. They have QuickBooks as a SaaS application, they have Office 365, and that’s it. Those services, and maybe a few other cloud services on top of that, cover all their business needs. On the opposite side of the spectrum you have enterprise organizations, who might have Kubernetes deployed across multiple cloud environments. There are also plenty of businesses who are somewhere in the middle, all trying to figure out how to get the most from their hybrid cloud or multicloud investments.
How is multicloud related to SD-WAN?
Both multicloud and software-defined wide-area networks (SD-WAN) are based around the need for a single, unified infrastructure. SD-WAN creates a common network infrastructure that has security, multipathing, resiliency, and redundancy all built into it, so that way you’re properly routing your network and your traffic to different areas of the cloud. In the near future we’ll likely have cloud, core, and edge infrastructures all interlinking with each other, and SD-WAN will function as the plumbing for that. That way you’ll have your corporate data center services working seamlessly in tandem with your cloud services like Salesforce, fully integrated with whatever you would need hosted at the customer edge. Use cases are ultimately going to dictate how SD-WAN connects all of those services together in a secure manner.
What building blocks do organizations need for SD-WAN?
Creating a proper SD-WAN solution for your organization primarily depends on what vendor or vendors you use. Cisco offers Viptela and Meraki, which are two great SD-WAN solutions for different types of businesses. Both have native enhancements and native abilities built into them already. Meraki tends to function best at small- and medium-sized organizations, while Viptela was built with enterprise-level support for SD-WAN. Start by determining what you’d like to accomplish with your WAN from a business perspective, then figure out which products and services most natively map to those goals.
What benefits and opportunities for growth are created with SD-WAN?
The main benefit of SD-WAN for most organizations is going to be network redundancy, along with using the transport layer however they want. The best SD-WAN solutions will reduce the cost of expensive circuits such as MPLS, use direct internet access at the edge to enable technology at small or remote offices, and bring those things together so your network connectivity, from your end user to your core data center to your cloud service, remains highly secure. So SD-WAN is really the marriage of not only your traditional routing and VPN services across your WAN and end users, but it also incorporates security into that model too. It takes an overlay, puts it across the wide area network, and makes sure that everything routes and functions properly through automated and orchestrated means.
If you would like to know more about Sentinel’s multicloud and SD-WAN offerings, please contact us. We are also hosting a highly informative multicloud and security-focused event later this month in Arlington Heights, IL. Click here to learn more if you are interested in attending.
Cisco Live 2019: The Major Announcements
There are a number of reasons to attend the Cisco Live! conference every year. The keynote speeches, the panel discussions, the hands-on training sessions, and the opportunities to meet Cisco executives are only part of what this annual five-day event has to offer. Beyond expanding your knowledge base and learning more about IT industry trends, areas like the World of Solutions place the spotlight on Cisco’s many partners showcasing their own unique solutions and services. Having so many different IT executives, experts, and customers gathered in a single location also creates a great atmosphere for networking.
Sentinel was proud to have a strong presence at Cisco Live! 2019, as several members of our team flew out to San Diego for the conference. Some went to explore the many different panels and sessions, while others spent a majority of their time engaging with IT professionals at the Sentinel booth and at the happy hour event we hosted. You can read a little about both types of experiences and the key takeaways from each in last week’s blog. This week, we wanted to share some additional details surrounding the major announcements that were made by Cisco at this year’s event.
IoT, AR, and VR Are Changing Networks
New and emerging technologies, including Internet of Things (IoT) devices, blockchain, augmented reality (AR) and virtual reality (VR), are quickly being adopted by consumers and integrated into their daily lives. Many organizations are working to adapt and keep up with these trends, but are finding that their networks aren’t exactly equipped to handle the heavy demands created by these advanced technologies. As a result, significant network upgrades and refreshes are becoming increasingly common so businesses can ensure they remain prepared for anything and everything that lies ahead.
The Continued Growth of Multicloud
Multicloud is an increasingly popular strategy in which an organization uses different cloud platforms (public, private, hybrid) and providers to meet specific application and workload requirements in an effort to streamline operations and meet business goals. As the number of users and devices connecting to corporate networks continues to skyrocket, multicloud offers greater flexibility, connectivity, efficiency, and customization compared to a more traditional cloud setup. There are also security benefits to having different portions of your environment spread out across multiple clouds and vendors. Cisco wants to help businesses get the most from their multicloud strategy, and has announced that it is developing advanced data analytics tools for greater insights and overall management of assets. Sentinel will be hosting a multicloud event in July if you’re interested in learning more!
Advanced Machine Learning Integration
Cisco announced new software enhancements designed to use machine learning and artificial intelligence (AI) to analyze network data and deliver more valuable insights that will accelerate business and application development. The basic idea is that machine learning collects relevant data from local networks and combines it with aggregated data to create a unique network baseline able to grow and evolve as users, devices, and applications are added. Machine learning on the network will also be able to spot potential issues or threats and alert the proper IT personnel so they can take care of it before things take a turn for the worse.
SD-Access Combines with SD-WAN and Application Centric Infrastructure (ACI)
As Sentinel’s own Matt LaSota said in last week’s summary blog, “The future is seamless integration and automation between SD-Access, SD-WAN, and ACI platforms to deliver an end-to-end network experience, and it’s right on the horizon.” Cisco’s ultimate goal is to make it easier for enterprise IT teams to securely add users and devices to the data center and cloud networks from any branch location. They’ve also managed to improve the user experience by ensuring all application requirements are automatically shared between the data center and WAN. Lastly, Cisco has extended its encrypted traffic threat detection into public clouds, to help make those environments even more secure.
Overall it was another fascinating and fun Cisco Live!, and we’re excited to share these new innovations with our customers so they can remain ahead of the curve. If you would like additional information about any of the announcements or solutions detailed above, please contact us.
Cisco Live 2019: Top Takeaways from Sentinel Staff
Cisco Live! is Cisco’s annual conference for their partners and customers that focuses on technology trends, education, thought leadership, and networking. The primary goal of the event is to provide inspiration and showcase innovation as technology continues to evolve at an incredibly fast rate.
This year’s Cisco Live conference took place from June 9-13 at the San Diego Convention Center in California. Several members of the Sentinel team were in attendance, eager to connect with customers and learn more about the solutions set to transform the technology landscape in the coming months.
As the conference wrapped up, we asked some members of our staff to share the major takeaways or themes from the speeches, seminars and/or networking events they attended. Here are their insights:
Matt LaSota - Sr. Director of Sentinel’s Enterprise Support Services, Network, and CloudSelect
This year’s Cisco Live! focused largely on software-defined, security, and automation solutions. At least those were the topics that most interested me. The keynote made it clear that software-defined is at the heart of what Cisco is doing. They highlighted new innovations and integrations between the current platforms, with particular emphasis on SD-Access, SD-WAN, and ACI. The future is seamless integration and automation between those platforms to deliver an end-to-end network experience, and it’s right on the horizon.
The sessions specifically on SD-WAN and automation were most important for me this year. Even taking products that have been around for a long time, and a part of the regular line card like ASAv and NGFWv and scripting and automating their deployment, configuration, and management were great to see, and very much aligned with many of the things we do today in CloudSelect.
A special highlight this year was an invitation to the NetVets CCIE/DE Lunch with Cisco CEO Chuck Robbins. Only a small group of people were given the opportunity to participate in Q&A with Chuck and his leadership team. No topic was off limits, and the discussion ranged from the future direction of products to certifications to recommendations and feedback around experiences with Cisco TAC (Technical Assistance Center).
Overall, this year’s Cisco Live! conference was top notch! I learned a lot from the educational seminars and discussion panels, but also had plenty of fun at social and networking events.
Chris Vasquez – Sentinel Sr. Sales Executive
Cisco Live! can be a really interesting and engaging experience, even if you aren’t watching keynote speeches and attending sessions to learn more about certain technologies. Beyond those things, there’s a sprawling convention floor to explore, where all different types of companies offer all different types of solutions. Many of them try to hook you in with appealing visual displays and plenty of giveaways. If you forgot to pack a spare set of socks, for example, there are probably a dozen or more booths giving away pairs for free, branded with their particular company logos of course.
Most of my time at Cisco Live! was spent at Sentinel’s booth on the convention floor, where we too had shirts and mints to hand out if people asked nicely. Along the way I had the chance to talk with a number of different people, from other Cisco partners to potential future customers. While there wasn’t a specific topic or solution that everyone seemed to be talking about, many were interested in learning more about our service offerings. They seemed to feel pretty confident and comfortable with their hardware, software, and cloud technologies; it’s just become tough for them to keep all of it fully secure, optimized, and up to date. This is where things like Sentinel’s Managed Services, NOC monitoring, SOC monitoring, and SIEM can really shine, because we handle all of the day-to-day operations along with regular maintenance and support, so our customers can focus more on their own goals and growth for the future.
It was a great time meeting so many new people, telling them a bit about Sentinel, and generally seeing what other partners are up to. Sentinel held a happy hour event one evening at a nearby bar after the conference that was a whole lot of fun, and Cisco also put together a wild concert with Foo Fighters and Weezer so conference attendees could let off a little steam. I’m hoping I can go back again next year!
If you are interested in learning more about any of the solutions and services outlined above, or are curious about some of the major announcements made at this year’s Cisco Live!, please contact us for additional information.
Is Hyperconvergence Right for Your Organization?
By Geoff Woodhouse, Sentinel Solutions Architect
There’s been a lot of interest lately in hyperconverged infrastructure (HCI) solutions, and as a result plenty of big names like Dell Technologies and Commvault have introduced new offerings such as PowerProtect and HyperScale to help satisfy security and backup needs across all types of hyperconverged environments. Of course there’s also Cisco HyperFlex and Dell Technologies’ VxRail, both of which can run your production environment. Even though the market for HCI solutions continues to expand, it’s important to note that hyperconverged isn’t for everyone.
We’ve spoken with customers who have complained that HCI has added complexity to their environment and left them feeling ill-equipped to handle day-to-day operations. One of the biggest benefits of hyperconverged is that it places everything into one appliance for easier management, but that also makes it much harder to debug if something goes wrong. So some people want to keep their servers, storage, and network separate so they can make size adjustments to the individual parts as needed when experiencing growth or acquiring other businesses. Additionally, some organizations have designated server administrators, storage administrators, and network administrators. When you place all three of those pieces into an HCI platform, who does what? It’s all in one pool, so that can be a major challenge on the administration side of things.
Your purchasing cycle can also make it difficult to invest in an HCI platform. Many organizations spread out their technology purchases over three to five years, so one year they’ll refresh their network, the next year they’ll buy servers, and the year after that they’ll buy storage. As pieces start to become older or outdated they’ll create plans to replace them. With hyperconverged however, you have to purchase everything all at once. So you may have just bought new servers last year, but if you decide to invest in a new HCI solution then the servers are going to be replaced as part of the all-in-one package. Your overall refresh cycle needs to change to accommodate the new structure of your environment. Instead of laying out a three to five year plan, you have to budget differently, which can make things easier and more predictable financially but more difficult politically as IT managers negotiate their yearly funding.
So how do you know if hyperconverged infrastructure is right for your organization? If you’re operating from a smaller environment with about 5TB of data or less, I would recommend keeping all of your infrastructure pieces separate. The smallest HCI systems come with around 15-20TB of space, so you’d be overbuying, which doesn’t make any sense. If you have anywhere between 20-50TB of data, that’s a sweet spot for HCI. If you’re operating a large environment with around 100TB of data, however, you need to think carefully about whether HCI really is the best solution for your organization. It would be very expensive because you’d need to buy a lot of compute and memory, but you might be able to make it work. I’d also advise checking into other solutions, because with such a large amount of data, investing in a separate storage area network (SAN) would keep that data separate so it can be managed better than having it all in one platform where it might be too much.
A lot of the marketing around HCI will tell you it’s the best solution for every type of organization, but at Sentinel we’re focused on providing our customers with the right technology to meet their unique needs. If your organization uses 20-50TB of storage and 3-4 servers, I’d say that investing in HCI would be a smart choice about 80% of the time. For everyone else, especially smaller and larger companies that fall outside of those parameters, I’d strongly encourage you to investigate other options for enhancing your environment. If you are interested in learning more about hyperconverged infrastructure or any other innovative technology for your servers, storage, and network, please contact us for additional information.