The Self-Defending Network

Recall that there are a lot of reliability features you just get with any CX–OS switch: the ability to restart applications without having to restart the switch, or the ability to create a single virtual switch out of two switches, for truly nonstop operation.

Security also helps increase reliability, and the CX switches come with built-in security features that can be used to harden the network edge against attackers—just turn them on as a part of any installation.  You already have invested thousands of dollars in client software and in firewalls to defeat hackers and malware at the edge of your networks;  now you can get more of that protection for free, with a little additional configuration.

Turning on these built-in features is like turning your entire network into a distributed firewall; blocking the internal or external hacker or malware at the point it first touches the network. The network can also be set up so that no device can make direct peer-to-peer communications—automatically preventing the spread of malware to adjacent devices.

What if a bad actor happens to somehow bypass this automatic protection and attempt to do an exploit? There is a good chance that additional security tools—like Clarity discussed in the management section, or a third-party application that we sell—will identify it to management. Central can then be used to block or quarantine the bad actor with a few mouse-clicks. Here’s how an inexpensive and simple system that we configure deals with hackers and malware:

The Totally New Switch Architecture

1. The Ultra-high capacity, Ultra-high Reliability Core
2. Wonderful, Graphical Management
3. The Self-Defending Network