Cisco I-Wan Solution, Network Security & Anti-Malware Protection

By Vivek Digumarti, Head - IT, Sai Life Sciences

CRO/Biotech Industry delivers Advanced Discovery, Develop­ment and Manufacturing Solu­tions, through a broad suite of expert capabilities across the mo­lecular lifecycle. Also offers syn­thetic and medicinal chemistry services, such as focused libraries design and synthesis, building blocks and starting materials preparation, refer­ence compounds and metabolites synthesis, and analogue design and synthesis services; and pro­vides biology services to support drug discovery, including pharmacology, DMPK, toxicology, ADME, biotransformation, and bioanalytical areas.

As part of above core focus on Business, the Information Technology plays very signifi­cant role in the business process and is very key dimension for business. Due to focus on such high-quality efforts in Biotech industry, the IT team is focused more in delivering needed IT In­frastructure and IT resources and always will be in demanding expectation to deliver their por­tion in this highly interdependent business.

Most of the companies has multiple units across India/World. These locations would be connected on Dual MPLS VPN from two different service providers and back up link for all these locations is been on commercial Internet connec­tions routed through HO. These locations might have Cisco rout­ers as CPE devices and Fortigate firewalls which as a Gateway to Internet. The Primary link is MPLS and if this link fails the traffic would fall back on second­ary MPLS provider or internet based on VLAN traffic and subnet traffic through firewall. Also all the primary link has dual last mile connectivity to ISP to avoid last mile failure. The LAN had mix of 10/100 and Gigabit switching connect­ing to core.

All branch offices would be us­ing WAN demanding applications accessed through MPLS/VPN WAN connections. Also have the limited visibility to distinguish between them.

We can change this scenario by au­tomating policy enforcement and few business outcomes behind this deci­sion to bring down the cost of Dual MPLS and optimally use the com­mercial Internet, No compromise on security and enhance the security level from existing and above delivering the user the application as they need it.

Cisco I-WAN – Intelligent WAN solution with Cisco Routers can give Application Visibility and Control (AVC) from Layer 7point of view and see the actual application name and the protocol that it’s using and prioritize traffic based on the applica­tion preference given. With more than 1000 of application unique signatures that AVC knows how to recognizes get the proper visibility into band­width usage. The ability to set poli­cies and control the network behavior automatically and prioritize (L7 QoS) the correct APPLICATION (not by using old school QoS of 802.1p or DSCP), and what better location to do that than the router that is the heart and center of network and gateway to the expensive WAN connection.

This would enhance the Applica­tion performance and user experience.

Another feature that is called Per­formance Routing (PfR), that can take two or more WAN connections and do DYNAMIC path selection between expensive MPLS and com­mercial Internet, you can route dy­namically on the fly based on policy configuration that you set in advance, which application will take which path using the AVC and PfR service.

With DMVPN the security is the same as the expensive MPLS connection even though it is over the public internet. The PfR will also give you full use of your main WAN con­nection and backup WAN connection and make it active-active instead of an active-standby topology, this will actually use the backup connection as part as internet off-loading from the main WAN connection.

Firewall with Cisco firepower NGFW’s with End-Point AMP de­ployment for all IP end points will enhance security. These integrated deployment provides unique capabil­ity to defend before, during and after the attack. Security Solution provides visibility and control on the environ­ment and mitigates threats. It works with network discovery, white listing and anomaly detection, AMP for End point protects the frontline defense. AMP has big data analytics of Cisco to continuously analyze files and traf­fic on end points if any advanced mal­ware is present.

Automated alerts help to make prioritized and actionable security decisions.

Don't Miss ( 1-5 of 20 )