How to Simplify Management of Your Cisco & Meraki Hybrid Infrastructure
In the real world, it’s common to see organizations using hybrid network architectures. This could be for several reasons: perhaps decisions regarding appliance upgrades are made on a case-by-case basis. Or maybe your organization has a strong relationship with a particular brand, opting for third-party equipment only to fill the gaps.
Whatever the reason, managing complex hybrid networks can make an already difficult job much more complicated. Considering the constant updates, upgrades and changes required to keep a network in top shape, many admins find the task of managing hybrid systems labor-intensive. That’s why engineers at Cisco created the Cisco Defense Orchestrator (CDO), a cloud-based, unified approach to appliance management.
Simplify Your Policy Management
Efficient security policy management is essential to any organization looking to stay ahead of savvy attackers. CDO provides the tools administrators need to manage complex policies and configurations on hybrid networks made up of several different brands. With CDO, admins can maintain Cisco products, like ASA and Firepower, and Meraki MX products from a single interface without having to worry about the unique objects each brand uses to enact policies.
Thousands of security policies on several unrelated network appliances can be onboarded to CDO, allowing admins to monitor and manage policies like never before. CDO further assists in optimizing your network by highlighting policy discrepancies and providing intelligence recommendations to mend the issues it uncovers. This centralized control across Cisco and Cisco Meraki in one unified system greatly simplifies upkeep and security.
Cisco Defense Orchestrator wasn’t designed to make direct changes to your onboarded Meraki devices. Instead, your changes are staged in CDO until they are deployed “to either an on-premise Secure Device Connector (SDC) or the Cisco Cloud SDC. The SDC securely transfers the changes to the Meraki dashboard and the dashboard then pushes the changes to the Meraki MX device.” With this system, the CDO isn’t required to store and secure sensitive credentials like API keys or passphrases. Cisco’s SDC is tasked with handling and protecting your information while CDO is tasked with orchestration.
Key Features and Capabilities of Cisco Defense Orchestrator
Cisco’s CDO provides modern network professionals unbridled flexibility. Key features and capabilities include:
● The ability to write your policies once and scale across all ASA, FTD, and MX products.
● A centralized console to compare, filter and edit existing policies.
● Analysis of policies and objects, finding security errors and inconsistencies before attackers.
● Templates to automatically install and configure new appliances.
● Faster processes for verifying and installing security patches.
● Intelligently monitoring configuration changes and easily rolling back changes if necessary.