Achieve a Secure, Sustainable Network with Cisco 8000 – Cisco Blogs


Digital transformation is sweeping across the world in every industry sector, and now Internet of Things (IoT) is applicable to so many fields we never considered a decade ago. Any object can be turned into a data acquisition point by using a suitable sensor and connecting this to a wireless sensor network makes IoT a reality. For example, I can connect a simple wooden table and chair to a network by using sensors that properly detect their usage.

Another recent development is a wearable surveillance camera with VGA format (640×480) that transmits streaming video over a wireless network. This will produce 60Mbps of data with the sensor capturing 200 frames per second. As you can see, there’s really no limit to the number of devices that can connect to a network. According to the Cisco annual internet report, by 2023 there will be 3.6 networked devices and connections per person, and more than 70 percent of the global population – approximately 5.7 billion people – will have mobile connectivity by next year. This connectivity includes 2G, 3G, 4G, and 5G. The same study shows that more than 66 percent of the global population will be internet users.

What are the implications of this connectivity?

Imagine the data throughput that a service provider network must handle with increased IoT applications, and what would be the power consumption and network security considerations while handling this kind of massive data? According to Prof. Francois Gemenne, Professor of Environmental Geopolitics, Sciences Po Free University of Brussels, Belgium, if the internet were a country, it would be the fifth largest consumer of electricity in the world. The problem is that electricity usage results in Greenhouse Gas (GHG) emissions, and greenhouse gases make the planet warmer. The United States Environmental Protection Agency (EPA) estimates that 25 percent of GHG emissions arise from the production of electricity.

 

According to the EPA, total 2019 U.S. emissions equaled 6,558 million metric tons of CO2 equivalent. The negative impacts of this CO2 on the planet include climate change, respiratory disease brought on by smog and air pollution, food supply disruptions, and increased wildfires and flooding from extreme weather, among many others.

A Guide to Global Internet Energy Usage shows mind-blowing statistics of energy consumption and the global carbon footprint due to internet traffic. Four years ago, The Guardian projected that a “Tsunami of data could consume one-fifth of global electricity by 2025”.

How can a router improve sustainability?

With all that growth, it’ll be challenging to build secure networks unless the underlying infrastructure hardware is specifically built to handle and circumvent threats and attacks. Each device added to the network creates another point of vulnerability. To support the rapid growth in 5G deployments, infrastructure elements are being deployed in more diverse and sometimes less secure locations, which creates additional risk.

Cisco 8000 Routers We offer an integrated solution to manage a secure and sustainable network. Using Cisco Silicon One in Cisco 8000 Series routers not only provides green networks but also secure networks with a built-in Trust Anchor module (TAm).

Cisco Silicon One is the first routing silicon architecture to break the 10-Tbps benchmark for network bandwidth. This is accomplished without sacrificing router capacity, packet-per-second forwarding performance, and feature flexibility. The first-generation Q100 ASIC delivers 10.8Tbps of throughput in 16-nm process technology, while the second-generation Q200 ASIC increases the performance to 12.8Tbps in 7-nm process technology. Systems built with the Cisco Silicon One Q200 can provide 12.8Tbps of routing performance in under 390W of power. The lower energy consumption will result in lower heat dissipation in addition to having less GHG emissions and a smaller carbon footprint leading to green networking. Green networking refers to the processes used to optimize networking functions to make them more energy-efficient, as described in ScienceDirect.

Does less power consumption mean less security?global networking

The Cisco 8000 router journey doesn’t stop at providing green networks but also leads to more secure networks, and better security improves sustainability because there’s little to no downtime due to attacks. This means far fewer truck rolls are needed to troubleshoot, repair, or replace equipment, and extended product longevity is good for the environment. Cisco routers are designed with foundational security capabilities that verify devices for authenticity and integrity. This verification offers evidence that network devices are operating as intended and are unaltered from their manufactured state.

A critical step in designing resilient networking solutions is to embed security features into the hardware. Cisco uses a TAm chip that implements built-in security features to enable the following security features in the Cisco 8000 platform:

• Secure boot and image signing
• Run-time defenses
• Supply chain security (Cisco Chip Protection)

The first step in establishing platform security is platform identity, which is performed using the TAm. The TAm is like the Trusted Platform Module (TPM) from the Trusted Computing Group, which was accepted as a standard by ISO and IEC in 2009.

During manufacturing, device identification is programmed into the TAm using a Secure Unique Device Identification (SUDI), an X.509 certificate which is globally unique per device. SUDI is an extension of device identity as defined by the IEEE 802.1 working group. The hardware-anchored secure boot process is designed to ensure that only genuine and unmodified code is allowed to boot on the Cisco 8000 Series platform.

The next layer of protection is the JTAG (IEEE 1149.1 Standards) interface of those devices. Most embedded devices provide a JTAG interface for debugging and test purposes. However, if left unprotected, this interface can become an easy channel from which to attack the system. A laptop and JTAG debugger are all that’s required to provide access to an embedded CPU. To combat these attacks, we use a specialized logic block called the “Cisco IP Secure JTAG monitor” that is designed to prevent the use of JTAG debuggers to probe and modify memory contents. Secure JTAG not only monitors the JTAG bus for activity but also periodically checks the continuity of the JTAG chain during run-time operation. When unauthorized activity is detected or the chain integrity is compromised, the host system is immediately notified, and corrective action is taken by the host.

Learn more

Security is just one of the highlights of using Silicon One’s Cisco 8000 Series of routers. Stay tuned to this blog series on our sustainability journey, focused not only on new products but also on legacy products with a robust automation layer.

Share:



Source link