“Security Everywhere” – Enterprise Branch Security for Direct Internet Access and IWAN

Cisco Blog

Two weeks ago, a leading global medical device manufacturer came to Cisco for advice. In an effort to streamline IT operations and reduce operating costs, the customer had recently migrated from their internal Microsoft Exchange 2010 environment to Office365, Microsoft’s hosted online service.

The migration was initially done for the headquarter users and the feedback was more positive than they expected. However, when they migrated their branch and remote office users, the WAN bandwidth usage almost immediately spiked and user experience suffered as a result.

This customer is certainly not the only company looking to embrace Cloud applications for greater agility, reduced costs and complexity, and increased productivity. Or has had to deal with BYOD issues and the increasing impact of video has on their bandwidth. However, what our customer and those other companies have found is that the current method of backhauling the traffic to the data center is no longer a viable way to handle the increased consumption when faced with a flat or even a declining IT budget. Therefore, many of today’s distributed enterprises are looking to use direct Internet access pathways in an effort to improve the user experience while reducing IT costs.

However, enabling direct Internet access (DIA) at branch offices also forfeits the inherent threat protection that traffic routed through the data center provides. The enterprise-level risks that branch offices face with BYOD issues, compliance requirements, and advanced persistent threats require enterprise-level security. According to Gartner’s “Bring Branch Office Network Security Up to the Enterprise Standard”, “By 2016, 30% of advanced targeted threats — up from less than 5% today — will specifically target branch offices as an entry point.”

Cisco FirePOWER Threat Defense for ISR addresses these issues by extending their industry-leading FirePOWER threat protection beyond its traditional network edge and data center deployments out to individual Cisco ISR routers. By embedding FirePOWER Threat Defense into ISR routers, Cisco delivers on its ‘Security Everywhere’ strategy, providing organizations the continuous visibility and control needed to defeat advanced threats across their extended network. It also enables organizations that want to take advantage of the cost savings and improved user experience that branch Direct Internet Access (DIA) provides to do so with confidence.

hai bo blog










The consolidated footprint of branch router and security technology also frees up valuable revenue generating square footage. And with the FireSIGHT Management Center, you get powerful centralized management over all of your FirePOWER Threat Defense for ISR instances while providing clear divide of roles and responsibilities at lower total cost of ownership.

To learn more about how Cisco FirePOWER Threat Defense for ISR can enable your organization to take advantage of the cost savings and improved user experience that Cisco Intelligent WAN (IWAN) branch Direct Internet Access (DIA) provides with confidence, please visit Cisco FirePOWER Threat Defense for ISR.

Please feel free to comment, share and connect with us on FacebookLinkedIn@CiscoEnterprise, and the Enterprise Networks Community.


We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Leave a Reply

Your email address will not be published. Required fields are marked *