Use Cisco controllers to meet financial regulatory requirements

This blog will explore how financial institutions (FIS) use different Cisco technologies to help meet regulatory requirements, whether it is FFIEC, OCC, PCI, or others. Previous blogs in the series are listed in regulators and regulations, and how organizations live in a multi-control world. This is the basis for various technical requirements seen within the control of IT organizations. This blog will focus on each feature in each controller and how they can help solve challenges faced in their respective fields. It is worth noting that all of these technologies can expose the Northbound API, which can allow multi-domain orchestration, whereas multi-domain orchestration tools evaluated the utilization of these tools in previous blogs.

Many basic structures remain consistent in these regulatory audit standards. These key tones can penetrate into the guidance that Cisco technology can help

• Know your environment,
• Template your environment and
• Segment and protect sensitive data in your environment

In some regulations, you will find advanced guidelines on evolving technologies, especially in the update to the 2021 FFIEC Operations Book. These regulations will continue to evolve and being able to leverage the power of automated systems can save the operating costs of organizations when they meet them.

Cisco DNA Center

Cisco DNA Center is a powerful network controller and management dashboard that lets you take charge of your network, optimize Cisco investments, secure remote employees and reduce your IT spending. It offers a range of benefits to FIS, including helping them meet regulatory requirements through its extensive automation capabilities. These benefits include:

1. Network segmentation: One of the key regulatory requirements of FIS is to ensure network segmentation isolate sensitive data and systems. Cisco DNA Center can consistently provide configurations of SDA or other technologies (L3 and L2) throughout the environment.
2. Visibility and Control: Cisco DNA Center can provide the ability to centralize and filter events and provide advanced analytics.
3. Compliance Report: FIS maintenance compliance reports are required to demonstrate compliance with regulatory requirements. Cisco DNA Center provides compliance reports that can be easily generated and shared with regulators.
4. Automation and Orchestration: Cisco DNA Center automates network management tasks such as configuration management, device configuration, and network policy enforcement. With advanced composite templates, the configuration of features can be stitched together to stitch together across devices and device types so that consistency can be maintained for the various functions present in the enterprise network.
5. Enhanced Security: Through advanced features integrated with TALOS and endpoint classification, as well as automated workflows to provide advanced security resources such as encrypted traffic analysis, DNA centers are helping FIS implement policies to meet its regulatory requirements.

Cisco SD-WAN

Cisco SD-Wan is a software-defined broad-area networking solution delivered in the cloud or on-premises hosting, enabling FIS to connect any user to any application. It has integrated features such as multi-cloud, security, enhanced visibility and building of architectures that are enabled toward secure access services edge (SASE). Cisco’s SD-WAN solutions can help include:

1. Network segmentation: Configuring secure segmentation and simplifying complex topology is one of the advantages of Cisco SD-WAN solutions. It can help FIS declare and systematically isolate sensitive data and systems. This is inherent in the overlay and naturally extends the campus to the data center and the cloud using a standard-based segmentation structure.
2. Secure Connectivity: One of the innovations Cisco SD-Wan has launched to market is the combination of routing topology and encryption coverage to reduce the traditional complexity of managing both separately. It uses patented innovations around the distribution of security keys to facilitate automatic overlays that can use application-aware routing to determine the workload of any endpoint from any endpoint to any cloud.
3. Compliance Report: Cisco SD-WAN is a PCI-compliant solution that can be used to help FIS meet its compliance needs. PCI-DSS reports are available and can be shared with regulators.
4. Automation and Orchestration: Cisco SD-WAN automates network management tasks such as configuration management, device provisioning, and network policy enforcement, reducing the risk of errors and inconsistencies that may lead to compliance violations.
5. Enhanced Security: Cisco SD-WAN provides advanced security features such as threat detection and response, application-level security, and access control, which can help FIS meet regulatory requirements around data security.

Cisco Melaki

Cisco Meraki is the world’s leading cloud management networking solution that provides a consistently managed enterprise product stack through centralized management of network devices and applications. It provides FIS with a range of benefits, including helping them meet regulatory requirements. Some of Cisco Meraki’s benefits in this regard include:

1. Cloud Management: With PCI and GPDR-compliant cloud management solutions, FIS can securely manage its network infrastructure from a cloud-based dashboard. Intuitive capability to quickly deliver and maintain large networks to include SD-WAN, switches, wireless, sensors and cameras, and consistently, and according to predefined standards, prevent configuration drift and inherent risks. Native APIs can be easily audited and verified with existing security tools and systems.
2. Network Segmentation: Cisco Meraki supports intrinsic and simplified SD-WAN with low complexity for easy maintenance, security and auditing environments. It has the ability to complete full stack security, combines wireless SSIDs into layer 2 switch segments, and is saved through an SD-WAN solution and presents all of this in a single elegant solution.
3. Compliance Report: FIS maintenance compliance reports are required to demonstrate compliance with regulatory requirements. Cisco Meraki provides compliance reports that can be easily generated and shared with regulators.
4. Advanced Security: Cisco Meraki offers advanced security features such as threat detection and response, content filtering, and access control, which can help FIS meet regulatory requirements for data security.

Cisco ACI

Cisco Application-Centered Infrastructure (ACI) is a software-defined networking solution that provides centralized automation and policy-driven application profiles for data center networks. It provides FIS with a range of benefits, including helping them meet regulatory requirements. In this regard, some of the benefits of Cisco ACI to FI include:

1. Network segmentation: Implicit in ACI is based on application awareness and structure of standards-based group policies. This allows the implementation of macroscopic and microsegment frameworks using traditional web-based constructions or more advanced application classifications. By using a model-driven approach for segmentation, it allows FIS to ensure that segmentation structures are consistent in a class of applications and are implemented in ASICs or through service devices stitched into network structures.
2. Compliance Report: As part of Cisco’s security data center reference design, ACI provides reports on hardware and software versions, as well as security structures used in structures used in native tools or created tools, or even through third-party audit solutions.
3. Automation and Orchestration: Cisco ACI is top-down and is a model-driven orchestration platform that allows all constructions of the network to be programmed and carefully planned as objects in the model. ACI has implicit automation and orchestration, and exposes all of these features through the API to enable third-party products to fit seamlessly into the solution.
4. Enhanced Security: Cisco ACI provides advanced security features such as network segmentation, policy-based access control, and threat detection and response, which can help financial institutions meet regulatory requirements around data security.
5. Scalability and performance: Cisco ACI has line rate performance and excellent scalability for the most demanding environments. Evolutions such as multipods and multisites have allowed fabrics to not only span geography, but also to improve scalability by allowing mobility between one or more availability areas.

In summary

The focus of the FFIEC blog series is to summarize and evaluate how IT organizations outline the regulatory environment through the impact of these organizations and the corresponding technologies that help. In my 15 years of service to the financial services sector, the regulatory community has only become more challenging, but this is due to the evolution of the industrialization of the real-world risk and threat landscape. The technical risk level faced by FIS has always been very high, and as long as FIS is “where is the money”, it will continue to develop. The regulatory environment cannot address this, but instead attempts to ensure some level of control and consistency. To meet these requirements, Cisco has invested billions of dollars in the security of our platform.

The scalability of these platforms Northbound APIs allows the best class functionality of all these systems from campus to WAN, while using standards-based protocols that can interoperate and apply multi-domain policies. This approach can promote flexibility and functionality without compromise, helping organizations unlock the maximum potential of investment to address current and future business issues.

share: