Cisco I-Wan Solution, Network Security & Anti-Malware Protection
CRO/Biotech Industry delivers Advanced Discovery, Development and Manufacturing Solutions, through a broad suite of expert capabilities across the molecular lifecycle. Also offers synthetic and medicinal chemistry services, such as focused libraries design and synthesis, building blocks and starting materials preparation, reference compounds and metabolites synthesis, and analogue design and synthesis services; and provides biology services to support drug discovery, including pharmacology, DMPK, toxicology, ADME, biotransformation, and bioanalytical areas.
As part of above core focus on Business, the Information Technology plays very significant role in the business process and is very key dimension for business. Due to focus on such high-quality efforts in Biotech industry, the IT team is focused more in delivering needed IT Infrastructure and IT resources and always will be in demanding expectation to deliver their portion in this highly interdependent business.
Most of the companies has multiple units across India/World. These locations would be connected on Dual MPLS VPN from two different service providers and back up link for all these locations is been on commercial Internet connections routed through HO. These locations might have Cisco routers as CPE devices and Fortigate firewalls which as a Gateway to Internet. The Primary link is MPLS and if this link fails the traffic would fall back on secondary MPLS provider or internet based on VLAN traffic and subnet traffic through firewall. Also all the primary link has dual last mile connectivity to ISP to avoid last mile failure. The LAN had mix of 10/100 and Gigabit switching connecting to core.
All branch offices would be using WAN demanding applications accessed through MPLS/VPN WAN connections. Also have the limited visibility to distinguish between them.
We can change this scenario by automating policy enforcement and few business outcomes behind this decision to bring down the cost of Dual MPLS and optimally use the commercial Internet, No compromise on security and enhance the security level from existing and above delivering the user the application as they need it.
Cisco I-WAN – Intelligent WAN solution with Cisco Routers can give Application Visibility and Control (AVC) from Layer 7point of view and see the actual application name and the protocol that it’s using and prioritize traffic based on the application preference given. With more than 1000 of application unique signatures that AVC knows how to recognizes get the proper visibility into bandwidth usage. The ability to set policies and control the network behavior automatically and prioritize (L7 QoS) the correct APPLICATION (not by using old school QoS of 802.1p or DSCP), and what better location to do that than the router that is the heart and center of network and gateway to the expensive WAN connection.
This would enhance the Application performance and user experience.
Another feature that is called Performance Routing (PfR), that can take two or more WAN connections and do DYNAMIC path selection between expensive MPLS and commercial Internet, you can route dynamically on the fly based on policy configuration that you set in advance, which application will take which path using the AVC and PfR service.
With DMVPN the security is the same as the expensive MPLS connection even though it is over the public internet. The PfR will also give you full use of your main WAN connection and backup WAN connection and make it active-active instead of an active-standby topology, this will actually use the backup connection as part as internet off-loading from the main WAN connection.
Firewall with Cisco firepower NGFW’s with End-Point AMP deployment for all IP end points will enhance security. These integrated deployment provides unique capability to defend before, during and after the attack. Security Solution provides visibility and control on the environment and mitigates threats. It works with network discovery, white listing and anomaly detection, AMP for End point protects the frontline defense. AMP has big data analytics of Cisco to continuously analyze files and traffic on end points if any advanced malware is present.
Automated alerts help to make prioritized and actionable security decisions.