Multicloud on Security in 45 | Cisco Security Podcast

Network Segmentation Strategy: Micro vs VLAN Approaches

Fri, 13 Dec 2024 00:00:00 +0000

 Network segmentation remains one of the most critical—yet surprisingly underutilized—pillars of enterprise security. As cyber threats grow more sophisticated and breach containment becomes a primary concern, organizations are discovering that a solid segmentation strategy can mean the difference between a localized incident and a company-wide catastrophe. But segmentation isn't one-size-fits-all; the debate between traditional VLAN-based approaches and modern micro-segmentation strategies has evolved considerably over the past decade, especially as cloud environments and dynamic workloads have fundamentally changed how we think about network boundaries.

What This Episode Covers

The evolution of network segmentation strategies over the past ten years
VLAN-based segmentation versus micro-segmentation approaches
How group-based policy (GBP) enables more granular control than traditional VLAN segmentation
Proactive versus reactive segmentation and their roles in Zero Trust architecture
Enforcement mechanisms including VLANs, zone-based firewalls, and access control lists
Cisco TrustSec and Security Group Tags (SGTs) as enforcement tools
Cloud considerations and dynamic segmentation
How Cisco solutions (ISE, Duo, Multi-Cloud Defense) integrate to support segmentation
Designing segmentation to limit blast radius and contain breaches

Deep Dive

The Evolution of Network Segmentation

Ten years ago, network segmentation was relatively straightforward: you created VLANs, separated traffic by business function or department, and called it a day. Today’s threat landscape and infrastructure complexity have rendered that approach insufficient for serious security programs.

Cloud Security Posture Management: AWS, Azure, GCP

Wed, 02 Oct 2024 00:00:00 +0000

 As organizations accelerate their cloud migration strategies, the security complexity multiplies exponentially. With workloads distributed across AWS, Azure, and GCP—each with their own security models, compliance requirements, and configuration options—the traditional perimeter-based security approach no longer applies. Organizations are increasingly turning to [zero trust](/pillars/zero-trust/) principles to address these challenges. In this latest episode of Security in 45, hosts Mike Veedock and Andres Sarmiento tackle one of the most pressing challenges facing modern enterprises: how to maintain visibility and control over your cloud security posture as you scale across multiple providers.

What This Episode Covers

The strategic and operational benefits of cloud migration
Characteristics and differences between major cloud providers (AWS, Azure, GCP)
Essential security controls for cloud environments (MFA, network segmentation, encryption)
The critical role of Cloud Security Posture Management (CSPM) tools
Common cloud security risks and threat landscapes
Industry resources for deepening cloud security knowledge

Deep Dive

The Business Case for Cloud Migration

Cloud adoption has become less of a competitive advantage and more of a business necessity. Organizations are moving to the cloud not just for the “cool factor,” but for tangible, measurable benefits that directly impact the bottom line.

Multicloud Defense: Unified Visibility Across Cloud Environments

Wed, 02 Oct 2024 00:00:00 +0000

 As organizations continue their migration to cloud infrastructure, many find themselves juggling security across multiple cloud providers—AWS, Azure, Google Cloud, and more. The complexity multiplies when you're trying to maintain visibility and enforce consistent security policies across disparate environments, each with its own native security tools and management consoles. This fragmentation not only creates operational headaches but introduces dangerous blind spots where threats can slip through the cracks. In this episode, Mike Veedock and Andres Sarmiento explore how Cisco Multicloud Defense addresses this critical challenge by delivering unified security visibility and control across your entire cloud footprint.

What This Episode Covers

Unified visibility across multicloud environments — How to achieve a single pane of glass for security monitoring regardless of which cloud providers you use
Automated threat detection and response — The role of AI and machine learning in identifying sophisticated attacks without manual intervention
Centralized management and configuration — Simplifying security operations by consolidating control into one platform
Scalability for organizations of all sizes — Ensuring your security infrastructure grows with your business
Compliance and regulatory alignment — Meeting standards like PCI DSS and HIPAA across cloud deployments
Real-world protection scenarios — Defense against malware, ransomware, DDoS, and other contemporary threats

Deep Dive

The Multicloud Reality: Why Unified Visibility Matters

Most enterprise organizations today don’t operate in a single cloud environment. Instead, they’ve adopted a multicloud strategy—deliberately using multiple cloud providers to avoid vendor lock-in, optimize costs, take advantage of best-of-breed services, or meet regional compliance requirements. While this flexibility offers significant advantages, it creates substantial security challenges.