The rapid transitions and unpredictability of the last two years have forced IT teams to focus on the most immediate needs of the business. In technology terms, that boils down to three things: video conferencing, collaboration applications, and remote worker connectivity.
But that barely scratches the surface of what’s needed to enable and sustain the innovative new processes and operating models companies are developing. Fortunately, there are three massive technology shifts happening in 2022 that will give your IT team the boost they need to not only build, but sustain operations for these new models.
Wi-Fi 6E and 5G will deliver “wired-like” experiences
Let’s start with two major connectivity shifts that are already accelerating rapidly and together will unite to create opportunities for more flexible, agile ways of working.
I’m confident that 2022 is the year of Wi-Fi 6E. Last year we saw a few early entrants based on this exciting new standard, but they were mostly focused on consumer and low-end business access points. That’s all about to change. With a new crop of enterprise-ready access points—connected to more intelligent, cloud-based network platforms—IT teams will have everything they need to deliver a truly “wired-like” wireless experience and the scale to support new devices, sensors, and data traversing the network.
The time to invest in 6E is now. Based on the data we’ve captured in the Hybrid Work Index, the transition from Wi-Fi 5 to Wi-Fi 6 in the enterprise took less than two years to get from zero to critical mass, and 6E is likely to outpace that. The companies that invest now in 6E will step confidently toward the future knowing they’ll have the infrastructure in place to handle what’s next with ease.
Looking beyond the LAN, the advance of true 5G infrastructure has now reached a tipping point. According to a recent report from Omdia, global 5G networks are about to reach 10% subscriber penetration. In parallel, IDC surveys consistently show network and IT teams ranking wireless WAN as a top priority for primary and backup connectivity.
While the spectrum has been there for the taking, what’s really unlocking the potential of wireless is the accessibility to IT teams. More flexible options for wireless WAN and wireless LAN will shift the workload on IT from band management and optimization to thinking bigger about what’s possible on the network.
SD-WAN, meet hybrid cloud
These same shifts in work are creating different challenges and opportunities for the network. The combined need to deliver a consistently secure, high-quality experience for employees is shining a spotlight on the intersection of SD-WAN and hybrid cloud deployments. Or, put another way, “with great connectivity comes great responsibility.”
With hard requirements for low latency across geographically distributed workloads, better resiliency, and global compliance with data privacy regulations, more organizations will accelerate multi-region cloud deployments on platforms like AWS, Google Cloud Platform, and Microsoft Azure. But, to keep these services running in top shape, organizations will need a dynamic and central way to manage their multi-region deployments.
In addition to new architectures that streamline connectivity for hybrid infrastructure, I see increased collaboration across two roles: the network architect and the cloud architect. Networking teams and DevOps will need to combine their powers to unlock the potential of this more flexible infrastructure.
Smarter ways to use our workspaces
Finally, we can’t ignore the pull of the office. As commutes become a thing again, most would agree that safety, comfort, and physical security are top of mind for everyone. The need to provide a confident return to the office will no doubt accelerate investment in smarter spaces, with a focus on air quality monitoring, space utilization, and dozens of other compliance requirements.
We’re already seeing how new sensor technologies paired with cloud-managed network platforms are making it easier and faster to experiment with space. With just a few employees and a pack of command strips, facilities teams will rapidly deploy new systems to monitor restricted spaces, track assets as they move across locations, and start combining all that data in new ways to automate day-to-day events in the office.
These early applications will be just the tip of the smart spaces iceberg, too. With more smart cameras, environmental sensors, and wireless location data streaming into network platforms, we’re creating the opportunity to make more advanced intelligence capabilities accessible to any organization. By the end of the year, I expect to see advanced computer vision applications—once solely the territory of the top 1% of companies—adopted by companies of every size, in any industry. I can’t wait to see what they build.
A better year, and better experiences
Call me optimistic, but I do believe the months ahead will be exciting ones for the public and private sector alike. Advances in network technologies and access to simpler platforms mean we can rapidly improve the experience of work.
At one point, we all thought that remote work was going to be a quick fix. Two years later, we’re all embracing this new paradigm. I’m looking forward to seeing what new technology experiences we get to have in the year ahead.
Today, networks are becoming decentralized as workers increasingly log in from various devices and locations. We’re seeing the network transform as more applications move to the cloud, fundamentally changing the way we work. The number of remote workers has dramatically increased and branch offices are adopting direct internet access (DIA) to provide workers with reliable and secure connections to the workplace. As organizations refresh their network, they are adopting SD-WAN or software-defined wide area network technology to better enable DIA. As such, there are important security considerations to keep in mind:
You can no longer depend on your existing, on-premises security stack
You need a way to secure your branch edge and cloud edge
Additionally, according to research by ESG:
Traditional security approaches are not effective in securing remote/branch offices and remote users—especially when connecting directly to the internet
68% of remote users have been targeted in recent attacks—hackers know which users are most vulnerable and will look for the path of least resistance when attempting to infiltrate an organization
To address these issues, we are seeing the emergence of Secure Access Service Edge (SASE), which enables the convergence of networking and security in the cloud to deliver secure access to applications, anywhere users work.
Providing reliable, secure experiences across your SD-WAN network just got easier
Your business needs the right solutions to adapt your network to the new hybrid work paradigm, while maintaining security and reliability for workers.
That’s why Cisco Meraki is announcing the general availability of the Meraki Umbrella SD-WAN connector, which integrates the Meraki MX security and SD-WAN appliance with Cisco Umbrella to enable rapid deployment of cloud security across your SD-WAN network.
You no longer need to spend hours on manual configurations or building complex routing tables with redundancy. With dynamic policies, intelligent path selection, automatic load balancing, and failover provided by the Meraki Umbrella SD-WAN connector, you can now maximize performance and reliability while consistently protecting users against internet-based threats, both on and off the network.
Maximize SASE connectivity and security
The Meraki Umbrella SD-WAN connector offers a scalable, accelerated step for your SASE journey with a deeply integrated networking and security solution. It significantly reduces the cost, time, and complexity previously associated with configuring and managing SD-WAN connectivity to Cisco Umbrella cloud security.
The Meraki MX security and SD-WAN appliance, along with Umbrella, are core components of the Cisco SASE architecture. Umbrella unifies multiple security functions that were once services or stand-alone appliances into a single, cloud-native solution. It integrates DNS-layer security, secure web gateway, cloud-delivered firewall, malware protection, data loss prevention, and remote browser isolation for improved security efficacy. The global cloud architecture delivers network resilience and reliability to provide high-performance and secure connections. Combined, this makes it easier to extend the Meraki MX SD-WAN fabric into the Umbrella cloud.
Meraki MX security and SD-WAN appliances elegantly create a framework by securely auto-provisioning IPsec VPN tunnels between sites. The Meraki dashboard automatically negotiates VPN routes, authentication and encryption protocols, and key exchange for all your organization’s Meraki MX appliances.
Jump start your SASE journey today
Meraki is ready to support your SASE journey wherever your starting point is and whatever your security and connectivity needs are. Whether you’re looking to on-ramp to a cloud architecture, securely connect hybrid or remote users, or move security from on-premises to the cloud, we can help.
Bring your own device (BYOD) increases productivity and satisfaction by allowing employees to work where and when they want. But it potentially opens up organizations to security and incompatibility problems because of all the apps each employee may have downloaded onto their personal devices.
The number of employees opting to work remotely in 2022 increased 24% compared with 2021, Global Workplace Analytics reported, with Millennials (44%) and Gen X (41%) leading the way in adoption of remote work.
Although remote work is extremely attractive to many employees, employers must address the challenges of securing a far-flung workforce. Like many enterprises that have embraced a remote and hybrid workforce, Cisco needed to ensure its team members used secure communications on their personal devices. But it also wanted to create seamless experiences that were the same, regardless of whether employees logged on at home, a corporate office, or a coffee shop hot spot.
As a result, Cisco’s IT department deployed Meraki Systems Manager as its mobile device management (MDM) solution to support Cisco’s BYOD model. At Cisco, the IT team manages more than 60,000 employee-owned mobile devices. By adopting BYOD, Cisco employees can connect to the right work resources, anytime, anywhere, using their personal devices.
Seamless onboarding for employees
For many organizations, BYOD onboarding and enrollment is completely user-driven. When employees want access to business applications and services on their personal mobile devices, they first download an application. They can then log into the app using their Active Directory credentials and begin enrollment. The entire process is easy to follow, automated, and helps employees understand what will happen on their personal device if they allow Meraki Systems Manager to oversee it.
After opting into MDM management, employees are then prompted to install the configuration profile. This includes the certificate that authenticates each user and their device. As soon as the installation is complete, employees have access to their email, calendar, and collaboration applications.
An enterprise-ready MDM solution is key
For a large enterprise like Cisco, it’s critical to automate IT processes, report intelligently, and integrate with existing infrastructure. With Systems Manager—powered by Meraki APIs—IT accomplishes all these priorities at global scale. Likewise, those organizations that use customized, in-house systems require an MDM solution that seamlessly integrates these proprietary technologies.
Regardless of the applications or scale an enterprise has adopted, it’s vital that an MDM solution empowers IT teams to deliver the context-aware security that organizations need.
On top of providing employees with a simple and efficient way to access work resources with their personal mobile devices, Cisco IT rests assured knowing security is front and center for the entire process. With Meraki Systems Manager, security policies require employee consent before employees are given access to what they need. Continued access to business resources depends on employees staying in compliance with these policies. Cisco IT has deployed employee BYOD with Meraki Systems Manager for 60,000+ devices and does not expect to stop any time soon.
The Form 471 application filing window is now open for funding year 2022, and will close at 11:59 pm EDT on March 22, 2022.
In December 2021, the Universal Service Administrative Company (USAC) announced that starting Wednesday, January 12, 2022, schools and libraries can begin submitting Form 471 to apply for this year’s E-rate funding (refer to this site for eligibility guidelines).
What is the E-rate program?
E-rate was created in 1997 as a federally funded program by the Federal Communications Commission (FCC). The program provides eligible schools and libraries with discounts of 20%-90% on broadband and voice services.
Which products qualify under the E-rate program?
There are two categories of equipment and services covered:
Category one: Connectivity up to and outside the building (e.g., fiber optic cables); USAC defines this as data transmission services and/or internet access.
Category two: Connectivity inside the building; USAC defines this as internal connections, managed internal broadband services, and basic maintenance of internal connections.
Which Meraki products are eligible for E-rate funding?
Meraki MR access points:
Deliver superior performance in high-density wireless environments
Let teachers spend more time teaching and students spend more time learning with seamless access to digital learning resources and no bandwidth shortages
Meraki MS switches:
Provide a seamless network experience for students and staff with access and aggregation switches that can be managed and configured anywhere
Enhanced with zero-touch provisioning, network visibility, and the ability to troubleshoot issues remotely, Meraki switches are the perfect backbone for K-12 school districts
Meraki MX security appliances:
Secure school networks with group policies, automatic firmware updates, and intrusion prevention
Stop malicious threats and files before they enter the network while analyzing files retrospectively to spot compromising behaviors in the future
Which solutions does Meraki have for K-12?
Providing smart and secure connectivity for students doesn’t need to be a chore. With a Wi-Fi personal network (WPN), schools can provide engaging wireless experiences without additional overhead. Every student is given a unique passphrase for all their devices, enabling those devices to discover and automatically connect to each other in dorms and classrooms. A WPN also improves data security by encrypting over-the-air traffic and eliminating the need to expose device MAC addresses. Students can easily register themselves in a few simple steps on a splash page without additional work for the operations team.
Want to know how other schools have utilized E-rate funding?
Reading School District implemented a full-stack Meraki solution that provides a fast and reliable network experience for their community. Watch this customer story video to learn how Meraki supports and enables digital learning across the district.
Please visit our website to learn more about upgrading your network with E-rate funding.
When it comes to hybrid work, there are many network security implications to consider. As IT teams build more distributed, flexible networks, the challenge of identifying persistent threats and detecting unwanted network activity in encrypted traffic increases.
The necessity for remote work has accelerated investment in more flexible, collaborative operations. At the same time, the need to protect customer and corporate data as it travels is accelerating the adoption of encryption across the enterprise. Without some advanced planning, these two positive trends can combine to create a new challenge for network and security teams.
Distributed blind spots
To put this into perspective, we’ve seen the average number of sites managed on a Meraki network blossom over the past two years as companies adapt to a more distributed workforce. A 2021 Ponemon report observed that over the same period, the percentage of organizations that have established enterprise-wide data encryption plans has rapidly exceeded 87%.
The potential risk? Network traffic blind spots for security teams. The demand for smarter, more connected, more flexible workspaces increases the amount of encrypted internal traffic on the network, creating significant opportunities for attackers to hide in plain sight.
Device telemetry for threat analysis
Fortunately, there is an approach that addresses these risks using your existing network infrastructure. It provides full visibility into who is acting on your network and how, and it doesn’t require additional costly sensors or a slowing of traffic for inspection.
The Meraki MS390 can provide rich, detailed telemetry about application and endpoint behavior for every device on a Meraki network. By pairing this data with Cisco’s Secure Network Analytics, you can perform encrypted traffic analytics (ETA) to detect malware and govern the quality of the network across your business.
Creating a security baseline
Secure Network Analytics closely monitors the activity of every device on the network and can create a baseline of normal behavior for your organization. From there, it applies advanced behavioral modeling, layered machine learning, and global threat intelligence from Cisco Talos and its group of security experts to build a sense of what’s normal, what’s anomalous, and what qualifies as threat activity on the network.
By taking this approach, you can proactively identify threats hiding in encrypted traffic without increasing your investment in add-on sensors or expensive in-line traffic decryption, all without compromising the confidentiality or integrity of customer and employee data.
Detecting threats made simple
Customers have used this technique to uncover malware hidden in encrypted traffic, detect activities associated with advanced persistent threats, and even identify illicit cryptocurrency mining services running within the network. Based on the Cisco Hybrid Work Index, these are some of the top queries blocked by Umbrella through the end of last year.
We’ve recently enabled encrypted traffic analytics for the Meraki MS390 with the firmware 15 beta release. To get started using your Meraki network as a security sensor, update your switches to firmware 15 via the dashboard. Or, request a demo today if you’d like to see Meraki and Secure Network Analytics in action.