Key takeaways from Cisco’s 2023 Network Trends Report

Cisco has just published their 2023 Global Networking Trends Report. This report covers some of the emerging networking trends in the multi-cloud world, and how they affect the IT operations and security of organisations. The report is twenty-one pages long and covers some interesting trends and observations from more than 2,500 IT leaders in 13 countries across North America, Latin America, Asia Pacific, and Western Europe (including the UK).

Image (c) Cisco

My key take aways from the report

  • Hybrid work and multi-cloud adoption are driving the need for innovative approaches to securely connect remote workers to corporate data and assets distributed across multi-cloud environments with a huge need (40% of respondents) to de-silo operations and bring together network and security controls and visibility.
  • Cisco says that “providing secure access to applications distributed across multiple cloud platforms” is the top challenge cited by 41% of networking professionals, followed by gaining end-to-end visibility into network performance and security (37%).
  • Growth and demand for SASE. SASE (Secure Access Service Edge) is a convergence architecture that delivers simplified and consistent security and performance for multi-cloud access and hybrid work. Cisco are a leading vendor in the SASE space which combines SD-WAN (Software-Defined Wide Area Network) and SSE (Security Service Edge) into a single, integrated SaaS security offering.
    • In the report, Cisco highlighted that 47% of respondents expect to connect their branches and remote clients using a SASE model by mid 2025, while 59% said that they will be prioritising centralising and consolidating cloud security over the same period.
  • Extending SD-WAN connectivity consistently across multiple clouds can automate cloud-agnostic connectivity and optimize the application experience. 53% of respondents prioritise integration with cloud service providers for this purpose5.
  • End-to-end network visibility and predictive analytics are essential for ensuring a consistent user experience across the complex digital service delivery chain, especially around SaaS apps with 51% of respondents prioritising end-to-end network telemetry and visibility. 47% of respondents said they will be prioritising predictive network analytics.
  • More organisations are multi-cloud than ever before with 92% of organisations reporting that they use more than one public cloud service (includes SaaS, IaaS and PaaS).

How Cisco Technology can help address these challenges

Cisco provide a comprehensive portfolio of products that can help organisations address many of the challenges of multi-cloud networking and security which fall into the SASE and SD-WAN categories. These include:

  • Cisco SD-WAN with edge security stack or SD-WAN with Umbrella Cloud Security (SASE) both leverage the Cisco Identity Service Engine’s Security Group Access Control Lists for segmentation policy management and enforcement across the WAN.
  • Cisco SD-WAN integrated with Cisco Umbrella SIG for a cloud-delivered SASE model that seamlessly secures access wherever users and applications reside.
  • Cisco Cloudlock, – Cisco’s cloud-native cloud access security broker (CASB) that helps secure your use of SaaS applications 
  • The Cisco SD-WAN and these SSE collaborations provide a range of SASE deployment options for our Partners and Managed Service Providers (MSPs), allowing them to utilize a mix of networking and cloud security solutions to offer multiple managed options to enterprises at various stages of their SASE journey 3.
  • Cisco Secure Access Service Edge (SASE) is a cloud-native platform that combines SD-WAN, SWG (Secure Web Gateway), ZTNA (Zero Trust Network Access), DNS-layer security, CASB (Cloud Access Security Broker).

The table below shows the key challenges discussed in the report and the corresponding solutions from Cisco that can help address them:

ChallengeSolution
Providing secure access to applications distributed across multiple cloudsSASE (Secure Access Service Edge), a convergence architecture that delivers simplified and consistent security and performance for multi-cloud access and hybrid work. SASE It combines SD-WAN (Software-Defined Wide Area Network) and SSE (Security Service Edge) within Cisco’s cloud platform
Gaining end-to-end visibility into network performance and securityCloud-based network detection and response solutions, such as Cisco Secure Cloud Analytics, which provides visibility and threat detection for an organisations’ network across public, private, and hybrid cloud environments.
Extending SD-WAN connectivity consistently across multiple cloudsSD-WAN multi-cloud integrations, which allow networking and cloud teams to accelerate and automate extensions from enterprise sites to various cloud providers and other enterprise sites through Internet, interconnect, or colocation and cloud provider networks.
Siloed cloud, network, and security operationsCloud-centric operating model, which brings cloud operating model principles to the network and across the entire cloud/network IT stack, enabling more integrated workflows and better collaboration between network, security, and cloud operations.
Visibility into end user experience and performance of multiple Cloud SaaS appsCisco ThousandEyes provides real-time and historic view into the availability of thousands of different SaaS apps. It allows IT to monitor all employee’s user’s digital experience against software as a service and on-prem applications, regardless of where users are, through the essential elements of your SASE architecture. With ThousandEyes, organisations can gain back visibility and control over SaaS applications and ensure that they are performing optimally.
Table 1 – How Cisco technology addresses the challenges of securing and managing Networking and Security across multi-cloud environments,

Summary

Cloud is the new data center, Internet is the new network, and cloud offerings dominate applications. By gaining a view of global Internet health and the performance of top SaaS applications, IT teams can proactively detect and remediate major unexpected network or application issues affecting them as soon as they happen.

Based on the report, Cisco say that organisations can mitigate against many of the challenges discussed by adopting a cloud-centric operating model that brings cloud operating model principles to the network and across their entire cloud/network IT stack. This can enable more integrated workflows and better collaboration between network, security, and cloud operations.

Cisco becomes first SD-WAN vendor to leverage Microsoft Informed Networking Routing to optimise performance of Microsoft Teams and SharePoint

Cisco Cloud On-Ramp

Cisco has released an updated version of their SD-WAN software which now supports the optimal routing of Microsoft SaaS apps including Microsoft SharePoint, OneDrive, and Teams on their SD-WAN. Cisco’s Vipella SD-WAN solution is the first SD-WAN solution to be certified for this.

Note: At time of writing, this feature applies to Cisco’s Viptela SD-WAN solution and is not currently supported in the Cisco Meraki SD-WAN portfolio. This may change.

With this update to the Cloud OnRamp feature, Cisco SD-WAN “further integrates Cisco’s support for Microsoft’s Informed Network Routing technology that lets organisations share Microsoft 365 app feedback telemetry with networking vendors and to receive network link telemetry from them”, according to Jeevan Sharma, Manager, Product Management, Enterprise Cloud & SD-WAN group at Cisco in a blog about the enhancements.

Known as Cloud OnRamp for Microsoft 365, it uses “proactive and continuous link probing to assess the best performing path at any point in time. It also allows network admin to utilize Microsoft URL categories granularity for categorizing the Microsoft 365 apps into Optimize, Allow and Default categories, while active link probing makes sure that the best performing path is always selected”.

How it works

This latest update to Cisco’s SD-WAN software, which continually monitors and controls the connectivity, management, and services between data users (remote or office based) and cloud and data centre services, now includes support for more Microsoft SaaS applications specifically SharePoint (and OneDrive) and Microsoft Teams.

Cisco SD-WAN customers can leverage Cisco’s Cloud OnRamp to intelligently route Microsoft 365 traffic, to provide the fastest, most secure, and most reliable end-user experience. This is done by ensuring that all connectivity paths to Microsoft 365 from each WAN / Internet connection at the branch, office, regional hub and/or data center is monitored continuously for performance, and application traffic is then dynamically routed to the best-performing path without requiring human intervention. Cisco Cloud OnRamp also provides real-time and historical visibility into SaaS application performance.

“I am excited to announce that the integration between Cisco SD-WAN and Microsoft Informed Network Routing now includes support for Microsoft Teams and SharePoint app telemetry. This update will help us deliver an improved end-user experience through enhanced cloud connectivity. The partnership between Microsoft 365 and Cisco SD-WAN further enhances your Microsoft Teams and SharePoint experience by optimizing routing and path selection beyond traditional network telemetry probes”

Jeff Mealiffe | Principal Architect | Microsoft 365 Core Networking | Cisco

Microsoft and Cisco Partnership

Cisco SD-WAN is Microsoft Network Partner Program (NPP) certified and is also a Microsoft 365 networking partner. As part of this program, Cisco SD-WAN aligns with the Microsoft’s Connectivity Principles aimed at helping Microsoft 365 customers achieve optimal end-user experience.

What is SD-WAN?

SD-WAN technology is available from leading network and vendors such as Cisco, Palo Alto etc, and typically include routers and switches or virtualised customer-premises equipment (vCPE). They run together using a connected software stack that handles things like policy, security, networking functions, and other management and security functions.

Cisco SD-WAN technology enables enterprises to build a scalable and carrier-neutral WAN infrastructure, allowing them to reduce WAN transport costs and network operational expenses. Cisco SD-WAN enables IT to apply business-centric, application-aware, and differentiated routing policies – providing end users at the remote offices, branch direct connectivity to performance-intensive trusted app, such as Microsoft 365, while routing generic Internet traffic via SWGs, CASBs, or the customer’s VPN connected data center.