Building on Our Expertise
Cisco has several years of experience delivering infrastructure management from the cloud or Management as-a-Service (MaaS). Cisco Meraki is our hosted network management platform. There are currently over 1 million networks managed in the cloud by Meraki. We’ve learned a great deal along the way and earned the trust of our customers and partners.
Cloud-based systems management is relatively new, so IT operations staff and administrators have some concerns about security. We have leveraged the expertise we have gained from Meraki and other Cisco products as well as the Cisco IT organization, as we architected and developed Cisco Intersight.
This new brief explains the security we have designed into Intersight.
A Holistic, Pervasive Approach
Protecting customer infrastructure and data requires a close partnership between the Cisco IT and Information Security (InfoSec) organizations. Part of Cisco’s Security and Trust Organization (STO), InfoSec works with Cisco IT to help ensure that the products we build and the infrastructure we operate are secure. These groups work together to support business productivity while protecting our systems and data from internal and external threats.
Instead of focusing on security hardware and software alone, we take a holistic, pervasive approach to security by:
• Fostering a security-conscious culture to reduce the attack surface and provide a robust security posture
• Implementing security-focused policies and processes
• Embedding security throughout our infrastructure
Securing the Connection
Cisco UCS and Cisco HyperFlex systems are connected to the Cisco Intersight portal through a device connector that is embedded in the management controller of each system. The device connector provides a secure way for connected devices to send information and receive control instructions from the Cisco Intersight portal, using a secure Internet connection.
Securing the Data Transmission
All data sent to Intersight is encrypted, and all connections are initiated outbound from the device. The out-of-band control plane in the Cisco Intersight platform separates management data from IT production and application data. Management data, such as configuration and monitoring information and statistics, flows from the devices to the Cisco Intersight portal. IT production and application data is sent directly to its destination on your production data network.
Ensuring the Service
Cisco Intersight is a SaaS management solution delivered through the Cisco Intersight portal. Cisco personnel are available 24 hours a day, 7 days a week, for logistical security, operational, and change-management support. All services are replicated across multiple independent datacenters so that user services fail over rapidly in the event of a datacenter failure.