The Smart Network: Cisco's most disruptive innovation in a decade

A little over a year ago, my colleague David McGrew walked into my office to tell me about a project he was working on, and we had an unforgettable 45-minute conversation.

He told me that his team had found a proven way to solve one of the biggest challenges facing cybersecurity: They had invented technology that could identify malware in encrypted traffic. In tests, the technology had even achieved 99.99 percent accuracy without decrypting the information, meaning that this security measure didn’t have to sacrifice user privacy.

[[194760]]

When he explained how they ran their machine learning algorithms on Cisco's massive network traffic data set and discovered data features in encrypted traffic that could be used to identify malware, I realized they had solved a problem that had never been solved before. I had thought this problem was impossible to solve, but a team of Cisco data scientists proved that it was not, and they had completely solved the industry problem of "security and privacy cannot be achieved at the same time."

[[194761]]

David Goeckeler, Senior Vice President and General Manager of Cisco's Network and Security Division

Rethinking the Next-Generation Network

We introduced Enhanced Threat Analytics (ETA), an important technology. And this is not the only innovation we announced today. Enhanced Threat Analytics is part of Cisco's "All Intelligent Network", which is the next generation of intent-based network infrastructure.

The hardware and software innovations released by Cisco this summer are the result of the brainpower of thousands of engineers. They are built on Cisco's fully digital network architecture (DNA) and are considered Cisco's greatest innovation in a decade.

We believe this moment will be a defining moment in Cisco’s history and the beginning of a new era of networking. Today more than ever, Cisco provides the networking platform for digital business. A fully intelligent network that is intent-driven, has strong security, learns from its environment, and continuously learns.

Every day for the past two years, we have been relentlessly perfecting this new network and evolving it based on customer needs to make it a reality today.

We know that networks are critical to the future, but with the explosion in the number of devices, the emergence of the cloud, and the rise of mobile, we have to question whether the current methods of building and managing networks can keep up with the pace of world development.

We know that our customers spend a lot of time and money on network operations, but their infrastructure is still not agile enough.

At the same time, we are also facing security challenges. IP networks have opened the door to connecting the world, but cyber attackers have also taken advantage of the opportunity to launch attacks.

Taking all of these factors into account, we come to a fundamental conclusion: We need to rethink how we build enterprise IP access and campus networks from the ground up.

This is made possible by two key innovations: intent-based infrastructure and, today, DNA Center, our command center for enterprise networks.

Building a fully intelligent network

A fully intelligent network starts with an intent-based infrastructure, which is highly secure and covers almost all IP infrastructure, including switches, routers, and wireless access points, which are used to connect and route traffic from various devices (PCs, tablets, mobile phones, displays, and the Internet of Things) within the enterprise or on the Internet.

IP networks were born 30 years ago on a small scale, just to connect two departments in a laboratory. Now, enterprise networks contain tens of thousands of devices, but most companies are still using relatively primitive tools to manage these complex devices, which is not only expensive but also slows down the business development of enterprises.

Wireless networks are isolated from wired networks, which are isolated from WANs. They are managed and configured separately, with different interfaces, commands, and configuration modes. To make matters worse, you can usually only configure one device at a time.

Through a fully intelligent network, we will revolutionize this traditional approach and eliminate all the complexity that has accumulated over the past 30 years.

Now we have a unified system that covers the entire enterprise access network and supports all types of devices. This is an intent-based platform. Intent-based infrastructure is programmable and highly integrated, so it can run automatically. In addition, it has built-in security features that can detect threats and respond automatically, helping enterprises stay away from advanced threats.

This unified system includes Cisco's network software operating system, IOS. Over the past two years, we have completely rebuilt IOS for the needs of the digital era. Now driven by application programming interfaces (APIs), IOS is open, programmable, and modular, with the features required by a modern software stack.

These capabilities allow customers to extend IOS, more easily integrate IOS with other systems, and personalize delivery. It will run across the entire enterprise switching, wireless and routing portfolio, on new and existing infrastructure. All the capabilities and product types we have developed over the past 30 years are now updated and improved, which will help the development of intent-based networking for the next 30 years.

Our intent-based IOS software can be deployed on existing equipment and transform deployed networks. In addition, we launched the new award-winning Catalyst campus switch, the Catalyst 9000 series. This is the most advanced enterprise switch available today, and its key benefits include:

Programmable: High-performance, programmable ASICs can adapt to the requirements of future innovations, which is a major innovation in chip technology.

Enhanced Threat Analysis Ready: Helps networks detect and block the most sophisticated cyber attacks.

IoT Ready : Instantly discovers, onboards, and automatically segments IoT traffic, including automatically configuring the network to ensure security by isolating IoT devices from other traffic.

Mobile-ready: Capable of hosting wireless controllers and supporting new wireless standards such as 802.11ax.

Cloud-ready: These platforms are scalable and openly programmable, capable of hosting third-party applications on a built-in x86 compute complex, allowing customers to run their applications in containers or virtual machines.

While we are working hard to build this intent-based infrastructure, we have also developed a command center for the fully intelligent network, namely DNA Center. Users can define intent as policy in DNA Center, and the network will be automatically configured and execute intent based on this.

This process will run on hundreds or even thousands of switches, routers, and wireless access points that make up the enterprise access network. In the past, each device in the network needed to be manually configured one by one, but now business intent can be defined through a centralized dashboard on-premises or in the cloud (depending on customer requirements), and the entire network will then execute the policy as a unified fabric.

DNA Center is also an analytics platform that collects environmental information from the network it is in. All types of data that were previously distributed across thousands of routers, switches, and wireless access points can now be transmitted to DNA Center in real time, helping us gain better insight into enterprise operations and continuously learn to solve complex business problems.

This complete closed loop of defining intent, collecting environmental information, self-learning, and executing new intent based on insights is the intent-based network . Cisco combines the intent-based security infrastructure with the single-point policy definition, environmental information collection, and self-learning capabilities provided by DNA Center to make it a new approach to building enterprise networks.

This is: Network full wisdom