Catalyst 9000 Simplifies Network-Based Threat Detection Using Inline Security Telemetry

The term Catalyst is synonymous with accelerating change, stimulating actions, and facilitating transformations. The Cisco Catalyst 9000 family of switches and access points support these qualities for enterprise networks around the world, making it the fastest ramping product in Cisco’s history. Based on a powerful and flexible Programmable ASIC with Unified Access Data Plane (UADP) that unites wired and wireless data planes, the enterprise networking platform has delivered continuous innovations since its introduction, including:

• Purpose-built Zero-Trust Fabric for campus to branch with Cisco SD-Access
• Docker-based application hosting enabling use cases such as running ThousandEyes Agents on the switch
• Network-Based Application Recognition Engine (NBAR) for identification and control of 2000+ applications  

As enterprise networks expand from centralized data centers and campuses to support a distributed workforce and thousands of edge IoT devices, IT faces unique security challenges. While the workforce can take advantage of zero-trust multi-factor authentication to ensure proper access security, IoT devices cannot. Now Cisco is leveraging the programmability of the UADP ASIC to deliver zero-trust security for the world of IoT devices.

Zero Trust for IoT Using Network Telemetry Analytics

IoT devices should be continuously assessed to check for unusual behavior such as pretending to be trusted endpoints using MAC Spoofing, Probe Spoofing, or Man-in-the-Middle techniques. IoT devices—typically smart building technologies such as lighting, HVAC, and security cameras—need to be segmented from Information Technology assets to prevent lateral movement in the network. The key to segmenting IoT devices is to accurately profile and classify them according to type, communication protocols, and traffic patterns. To implement key principle of Zero Trust with least privilege access, the behavior of IoT devices based on a record of traffic telemetry needs to be available to trust analytics in real-time, as well as a historical view, to detect changes in behaviors.

To learn how Cisco Catalyst 9000 generates traffic telemetry for every device on the network to attain zero trust connectivity, especially for IoT, continue reading my latest Cisco blog post here.