Saturday, December 14, 2024

Reinventing Zero Trust Access with an In-Office Experience, Everywhere

When customers encounter the term ‘zero trust,’ it’s natural for them to assume that logging in to their workspace will be a more laborious process. When working in IT or IT security, additional tools can be acquired to enhance the existing robust security framework. In addition to ensuring compliance with regulatory requirements and maintaining a strong control environment, organizations must also undergo periodic audits to verify their internal controls are operating effectively.

It’s possible that’s why so many zero trust projects remain stalled.

Regardless of the perspective, zero trust access is an elusive yet captivating goal for many organizations; nevertheless, most struggle to implement it successfully, [1] particularly for securing remote work.

At Cisco, we’ve engineered a solution that addresses these recurring challenges by providing a secure, in-office experience anywhere. Over the years, we’ve been on our own zero trust journey within our own network and IT teams.

In 2020, we began a large-scale initiative to support our remote-first workforce, and we are currently rolling out Cisco technology. Cisco’s massive and diverse IT infrastructure encompasses:

  • 1 million IP-connected “things”
  • 27,000 Cisco video devices
  • 62,000 mobile devices

These are spread across sprawling campuses, small offices, homes, customer sites, roaming users, and beyond.

In 2020, we deployed Duo’s phishing-resistant multi-factor authentication (MFA) and device posture management across our massive user base in just five months. During the first year, this prevented over 86,000 potential endpoint compromise attempts every month.

Recently, we deployed Cisco Secure Access, a Security Service Edge (SSE) solution optimized to facilitate a seamless transition from traditional VPN architecture to Zero Trust Network Access (ZTNA) and Virtual Private Network as a Service (VPNaaS). We’re just starting out, but we’ve already seen value.

With Secure Access’s streamlined approach, many teams no longer need to learn complex networking and security protocols, which simplifies connections and reduces laborious tasks such as IP-to-user mapping, resulting in a notable improvement in connectivity for users. Previously, enabling an on-premises VPN typically took several weeks to a month. With the VPN-as-a-Service (VPNaaS) capability within Secure Access, our teams can now seamlessly enable secure remote access for authorized users.

Here’s how it feels to work remotely as part of Cisco’s typical distributed workforce:

  • Users log in to their laptops with Windows Hello or Mac Touch ID, and Cisco Duo extends this operating-system-level trust across various use cases and browsers, with no separate login.
  • By leveraging its contextual awareness, Cisco Duo simplifies the user experience, reducing the need for complex interactions during authentication.

    Any change in device posture or other contextual risk attributes immediately prompts users to re-verify their identity through risk-based authentication, for instance, Verified Push.

  • Staff working remotely can securely access the applications they need through Zero Trust Network Access (ZTNA) or Cisco’s VPN-as-a-Service. Users get seamless access to apps without having to think about the access method.
  • Our staff’s internet activity remains protected when they’re outside our company network, thanks to a comprehensive suite of cloud-based security tools, including DNS-layer protection, secure web gateway (SWG), Cloud Access Security Broker (CASB), Data Loss Prevention (DLP), and remote browser isolation capabilities.

 

[Figure: Zero trust access provides a seamless user experience. Caption: Securing seamless access for Cisco’s distributed workforce: rapid, intuitive app access from anywhere.]

 

The initial SSE offerings were ill-equipped to support the distributed workforce of a remote-first office. Most of these vendors started as point-product providers, offering products like CASB, NGFW, SWG, and many others, before bolting on additional features to qualify as SSE vendors and capture zero trust budgets.

The result is a fragile foundation, with siloed control capabilities and a lack of awareness of user identity and context. These obstacles hinder the widespread adoption of zero trust principles, making it difficult for organizations to deliver a consistent and secure experience for all employees accessing various applications.

  • Who are my users, what applications and services do they access, which policies apply, and how do I manage their various devices? What’s their comprehensive digital capabilities portfolio?
  • What lies at the root of excessive latency, dropped connections, and tedious workflow processes? The answer may not be as straightforward as you think.
  • Multiple agents, consoles, and policies complicate the implementation of comprehensive zero trust access coverage across all environments.
  • As organizations transition to Zero Trust Network Access (ZTNA), they cannot simply discontinue VPN support, since some applications continue to function inadequately without it. Moreover, charting a course towards zero trust at their own pace is a more effective strategy than being forced into a perilous VPN rip-and-replace scenario.

As organizations grapple with the complexities of implementing zero trust models, it’s little surprise they’re struggling to make progress on their initiatives. Users and IT teams alike want a better zero trust experience.

Cisco’s zero trust access solution differs fundamentally: its architecture is designed from the ground up to … The force multiplier offers unparalleled simplicity in managing robust identity security, seamlessly integrating with our leading Security Service Edge (SSE) capabilities.

  • Cisco Secure Client is a unified client that streamlines installation and integration while reducing costs. It securely integrates modular options that include Zero Trust Network Access (ZTNA), Virtual Private Network as a Service (VPNaaS), and comprehensive security features at the secure web gateway (SWG) and Domain Name System (DNS) layers.
  • Attackers rarely breach corporate networks by hacking in; instead, they log in with legitimate credentials. Duo continuously assesses user identity, behavior, and attributes before, during, and after login to ensure secure access, automatically adjusting authentication strength based on contextual risk assessments.
  • Unlike other ZTNA solutions that rely on legacy protocols with inherent efficiency limitations, Cisco’s foundation is built upon its proprietary Vector Packet Processing (VPP), which offers a significant performance boost and enhanced reliability through the use of modern protocols such as QUIC and MASQUE.
  • Across the zero trust access solution, all security controls are delivered from the cloud, with a single exception: client-side activities, which remain on-premises.
  • Compared to other solutions featuring distinct consoles for web access security, ZTNA, and VPN, Cisco’s zero trust access solution consolidates these capabilities into a single console, thereby enhancing visibility, facilitating comprehensive security policies, and streamlining operations to save valuable time.
  • Thanks to our strategic collaborations with leading mobile device manufacturers such as Apple and Samsung, we’ve pioneered system-level integrations that deliver unparalleled connectivity reliability.

Cisco’s zero trust access solution provides robust identity security, seamlessly integrated with a comprehensive and easily manageable Security Service Edge (SSE). By delivering a consistent in-office experience everywhere, you ensure that security does not impede productivity.

With Cisco’s Secure Access SSE solution, you’re not limited to just Zero Trust Network Access (ZTNA), but also get built-in Virtual Private Network as a Service (VPNaaS). This empowers you to undertake your zero trust journey at your own pace, unfettered by the constraints imposed by other vendors.

 

[1] Primarily based on the latest analysis from Cisco,

