Sunday, 15 July 2018

The Future of Utilities: A Partner Opportunity

Energy and specifically electrically powered devices and appliances are part of everyday life for all of us. However, the dependency on personal computing devices like phones, tablets, headsets and the likes has made us realize how important energy savings and battery efficiencies are! Who hasn’t experienced anxiety or even panic as your mobile phone is running out of battery and you forgot your power adapter and/or there is no charging point in sight! What would you be willing to give up at that very moment just for some power!  Making sure that the electrical supply is constant and reliable is the main objective of every utility company in the world. Helping these companies achieve these goals is a substantial opportunity for Cisco and our partners more than ever before.

Cisco Study Materials, Cisco Guides, Cisco Learning, Cisco Tutorial and Material, Cisco Certifications

The Utilities market, just like every other industry, is going through major changes driven by new technology paradigms such as the Internet of Things as well as the convergence of Operational Technologies (OT), which enable an efficient management of the power grid and Information Technologies (IT), which are becoming a critical part of the main Line-Of-Business objectives. The Digital Transformation of utilities companies is the direct result of many mega-trends; here are some of the most important ones:

Grid Resilience and Reliability


◈ Electricity supply is a matter of national security for every country, but maintaining its reliability is a challenge given the amount of transmission lines deployed globally.

◈ “In the U.S. (alone) … 200,000 miles of high-voltage transmission lines and 5 million milesof local distribution lines… (connect) thousands of generating plants to factories, homes and businesses“

New Technology Disruptions:


◈ The relationship between electricity consumers and suppliers has changed with the connection of home appliances to the internet, allowing the end user to manage their power consumption in real-time.

◈ “Sales of connected appliances will surge … from 30 million units sold in 2016 to 178 million units in 2020″

Aging Workforce:


◈ The US Department of Energy estimates that 25% of employees in electric and gas utilities will be retiring within the next 4 years.

◈ In the United Kingdom 52% of the power sector workforce is over 45 years old.

Most utilities have been used to treat their clients as simple ratepayers for many years; however, the balance in this relationship is now changing thanks to technology, distributed energy resources and social media. There are many positive business outcomes when Utilities take a proactive approach by engaging their customers in their own terms.

Specifically, in the case of Distributed Energy Resources (which refer to renewable energy generation such as wind, solar or wave power which are now becoming more accessible for residential and business consumers) the paradigm is shifting as the prices of battery power storage is coming down, leading to what is known as the Internet of Energy.

All these changes are creating a perfect storm of challenges, prompting utilities to become ready for cybersecurity and physical security standards, to competing for vision, mind share and leadership, as well as to address the Digital Disruption that all these events are creating. Nevertheless, is this really a Disruption or an Opportunity?

Cisco leads Utility Digitization with the GridBlocks™ Architecture, which provides a holistic view of the communications requirements needed, however this is not merely about devices and pure connectivity. It´s about providing a reference architecture for our partners that enables them to assess the overall digitization requirements of their utility clients and apply IP protocols in new and innovative ways to achieve performance levels, which were impossible to achieve in the past.

Cisco Study Materials, Cisco Guides, Cisco Learning, Cisco Tutorial and Material, Cisco Certifications

The Utility industry knows that providing reliable and secure connectivity across multi-million intelligent energy devices on the grid and on premise is needed to manage today’s electric system and market operations into the future.

Friday, 13 July 2018

Turbocharge Your Next Webex Teams Proof of Concept and Demo Development

Use this Script to Turbocharge Webex Teams Bot Development


When I first started developing Webex Teams bots, I immediately was drawn to ngrok for its simplicity and power. It allowed me to rapidly start prototyping my bot and to do quick demos. It was simple to setup up very quickly and has a great Client API set that allowed me to dig into the details if I needed to troubleshoot.

Because of the ephemeral nature of the ngrok tunnels, though, it is somewhat of a nuisance to develop your bots because every time you tear down an ngrok tunnel and build it back up at a later time, you end up with a different URL for the webhook. If you’ve prototyped or demo’d a Webex Teams bot before, then you know that you then have to update the webhook with the new URL. This means going to the developer site and modifying the webhook by hand. The process goes somewhat like this:

1. Bring up an ngrok tunnel
2. Go to the Webex Teams website
3. Update your webhook to the new URL that ngrok just gave you.
4. Run the demo
5. Shut down your demo
6. Rinse, lather and repeat every time you need to bring up the tunnel!

The same basic process is applies when beginning to prototype your bot. Bring up a tunnel, update the webhooks, develop/test, tear down the tunnel, rinse and repeat. Don’t forget that you need to use your bot’s token rather than your developer token for #3 above. Plus you need to make sure that you don’t make any copy/paste mistakes, etc. Yucky, manual work!

Fortunately we can mashup the ngrok Client and Webex Teams API’s to do this in a more elegant and automated fashion.

Solution


So the process for automating this is relatively simple, so let’s dive in. Typically it is as simple as this:

First, bring up the tunnel using ngrok:

./ngrok http 80

You will end up with something along these line as output in the terminal.

Cisco Study Materials, Cisco Guides, Cisco Learning, Cisco Tutorials and Materials, Cisco Certifications
ngrok startup output showing status and your new web hook URL.

We then run the ngrok-startup.py with two arguments. The first is the port you want the tunnel to be listening on and the second is the name of the new tunnel.

python3 ngrok_startup.py 443 "super_awesome_demo_bot"

which will result in a series of status messages describing what the script is doing:

Cisco Study Materials, Cisco Guides, Cisco Learning, Cisco Tutorials and Materials, Cisco Certifications
Expected status messages from ngrok-startup.py.

And we are done. The script used the ngrok Client API to tear down the existing tunnels, create new ones and then update your bot’s webhook. Now you able to iterate your bot PoC and then demo it live without going through all those manual steps a bunch of times.

The Code


I know a wall of text isn’t very interesting, but you may not be familiar with these specific APIs. So I’m going to walk through the five core functions.

So let’s take a looksie at some interesting API nuggets. Since ngrok automatically creates a set of tunnels at startup, in order to start with a clean slate, we will tear those down and create a new set.

The ngrok client API couldn’t be easier to use. We start by first getting a list of the open tunnels.

def get_tunnels_list(ngrok_base_url):
    print("get_tunnels_list start")
    error = ""
    active_tunnels = list()
    print(" Getting the list of tunnels...")
    tunnel_list_url = ngrok_base_url + tunnels_api_uri
    r = requests.get(tunnel_list_url, verify=False)
    print(" ...Received List of Tunnels...")

    # get the json object from the response
    json_object = json.loads(r.text)

    tunnels = json_object['tunnels']

    if r.status_code==200:
        for potential_tunnel in tunnels:
            active_tunnels.append(potential_tunnel)
    else:
        error=" Unable to list of tunnels"

    print("get_tunnels_list end")

    return active_tunnels,error

As you can see above, we send an http GET request to the local ngrok client. If successful, we get a list of the currently open tunnels.

Next we delete all the tunnels on the list. There should only be two, but we iterate through the entire list we get anyways.

def delete_active_tunnels(tunnel_list, ngrok_base_url):
    print("delete_active_tunnels start")
    errors=list()
    tunnel_delete_base_url = ngrok_base_url + tunnel_delete_uri

    print(" beginning delete of tunnels...")
    for tunnel_to_delete in my_active_tunnels:
        tunnel_name = tunnel_to_delete['name']
        tunnel_delete_complete_url = tunnel_delete_base_url + tunnel_name

        delete_request = requests.delete(tunnel_delete_complete_url, verify=False)
        if delete_request.status_code != 204:
            errors.append("Error Deleting tunnel: {}".format(tunnel_name))

    print(" ...ending delete of tunnels...")
    print("delete_active_tunnels end\n")

    return errors

Again, pretty self explanatory. We take the list of tunnels we received from the previous code snippet and delete each tunnel with an HTTP DELETE request.

Next we create a new tunnel, using the tunnel name provided in the second argument of the ngrok_startup.py command.

def public_tunnel_for_name(tunnel_name, tunnel_port, ngrok_base_url):
    print("public_tunnel_for_name start")
    errors=list()
    public_tunnel = ()
    create_tunnel_url = ngrok_base_url + tunnels_api_uri

    # make sure you change the port!!"
    print(" creating new tunnel...")
    tunnel_json = { 'addr' : tunnel_port, 'proto' : 'http', 'name' : tunnel_name}
    create_tunnel_response = requests.post(create_tunnel_url,json=tunnel_json,verify=False)
    if create_tunnel_response.status_code != 201:
        errors.append("Error creating tunnel: {}".format(create_tunnel_response.status_code))
    else:
        jsonObject = json.loads(create_tunnel_response.text)
        public_tunnel = (jsonObject['public_url'],jsonObject['uri'])

    print(" ...done creating new tunnel")
    print("public_tunnel_for_name end\n")

    return public_tunnel,errors

To create the tunnel, we just send an HTTP POST request to the ngrok client with a JSON snippet containing the port, the protocol, and a name for the tunnel. If all goes well, the ngrok client sends back a JSON payload with a new URL that your bot can use as its new web hook.

With the new tunnel URL in hand we can start working with the Webex Teams Webhook API’s. It’s important to note that you need to have your bot’s authorization token in the headers of all your Webex Teams API requests. In the script, this and other variables are set via environmental variables and stored in a python dictionary as follows:

dev_token = os.environ.get('SPARK_DEV_TOKEN')
webhook_request_headers = {
    "Accept" : "application/json",
    "Content-Type":"application/json",
    "Authorization": "Bearer {}".format(dev_token)
}

The first thing we do is delete the existing webhook.

def delete_prexisting_webhooks():
    print("delete_prexisting_webhooks start")
    errors=list()

    print(" deleting existing webhook...")
    webhooks_list_response =requests.get(webhook_base_url,headers=webhook_request_headers, verify=False)

    if webhooks_list_response.status_code != 200:
        errors.append("Error getting list of webhooks:  {}".format(webhooks_list_response.status_code))

    else:
        webhooks = json.loads(webhooks_list_response.text)['items']

        if len(webhooks) > 0:

            for webhook in webhooks:
                delete_webhook_url = webhook_base_url + '/' + webhook['id']
                delete_webhook_response = requests.delete(delete_webhook_url,headers=webhook_request_headers)
                if delete_webhook_response.status_code != 204:
                    errors.append("Delete Webhook Error code:  {}".format(delete_webhook_response.status_code))
    print(" ...Deleted existing webhooks")
    print("delete_prexisting_webhooks end\n")
    return errors

As you can see from the code block, first we need to get a list of webhooks and then iterate through the list. Sending HTTP DELETE requests as we go. This could be somewhat problematic if you have multiple webhooks for the same bot. But we are only using this script to help us automate our basic PoC/demo bot where we would probably only have a single webhook firing.

Finally, we create the new webhook. Using the super handy Webex Teams API’s we can easily create a new webhook.

def update_webhook(webhook_request_json):
print("update_webhook start")

    webhook_creation_response = requests.post(webhook_base_url, json=webhook_request_json,
                                              headers=webhook_request_headers)
    if webhook_creation_response.status_code == 200:
        print(' Webhook creation for new tunnel successful!')
    else:
        print(' Webhook creation for new tunnel was not successful.  Status Code: {}'.format(
            webhook_creation_response.status_code))

    print("update_webhook end\n")

Wednesday, 11 July 2018

Service Provider Digital Transformation and Security

For many service providers, the digital transformation journey may not be the smoothest.

Many service providers (SP) are going through a phase where they are either trying to understand the new technologies or in the process of early adoption and implementation–with a majority just beginning to understand and adopt. New technologies like internet of things (IoT), cloud, software defined networking (SDN), network function virtualization (NFV), and others are predicted to have a tremendous implication on an SP’s core business model and their journey toward cost reduction and new service offerings.

Mergers and acquisitions are going to be the norm in the SP space. A broad spectrum of services under one umbrella, with consolidated customer bases, will increase customer stickiness and will be a differentiating factor for many SPs.

Ensuring Security is Built-in


As SPs introduce new technologies and pursue increased mergers and acquisitions, numerous security challenges arise. In many cases security is typically an afterthought and can quickly become a minefield if not considered early enough or done correctly during these acquisitions and mergers.

The other side of the SP journey is focused on their business strategy: they are working to make sure that their average revenue per user (ARPU) keeps increasing with the changing revenue models. One big opportunity in revenue generation is how SPs can monetize security and offer it to their customers.

Currently, majority of the SPs, as part of securing their digital transformation, are trying to think about how to proactively secure their network architectures. At the same time, they are working to make sure they have reactive capabilities and teams are in place — be it an incident response capability or employing strong forensic expertise within their teams or by working with a partner.

As SPs begin to realize how important security is to their business, they are correspondingly assigning increased budget to security initiatives.   IDC recently published an InfoBrief titled “A Pulse on the Service Provider Industry: Digital Transformation and Security Services” that indicates SPs have allocated up to 20% more for security products and services over the last two years.

Digital Transformation, Cisco Security, Cisco Tutorial and Material, Cisco Guides

Figure 1: Increasing security budgets: Year-Over-Year. Source IDC

In the process of moving toward a more secure infrastructure, the customers of SP are also in the same boat and want to better secure their infrastructure. This presents an opportunity for the SP to add security as a value-added play that can help a SP move the needle in revenue generation. According to IDC, 56% of SPs say they will expand their security services offering in the coming year due to customer demand. SPs are actively moving toward providing security advisory services like penetration testing, network architecture assessments, and breach response services, either through internal capabilities or in partnership with a 3rdparty provider.

According to IDC, the demand for security services are driven in large part by enterprises who are seeking assistance to deploy security appropriately in their digital transformation, secure cloud and data center migrations.

Digital Transformation, Cisco Security, Cisco Tutorial and Material, Cisco Guides

Figure 2: Security assistance needed during Digital Transformation. Source: IDC

By offering security advisory services, SPs can assure their customers they are in this journey together. They can demonstrate they want to help their customers scale up and improve their security posture, versus being a traditional SP, with limited offers. In addition, SPs can differentiate themselves against competitors by offering security services to their enterprise customers. Such services improve customer retention, revenue growth and can lead to higher customer satisfaction.

In summary: service providers have an opportunity to become their enterprise customers’ go-to team for ensuring that enterprises are securely moving toward the adoption of new technology.  SPs who do not have security as a core skillset should proactively seek 3rdparty partnerships to develop new security capabilities or to enhance existing security capabilities.

Cisco’s Security Services offer a broad portfolio that includes incident response, penetration testing, secure SDN/NFV, and cloud security that are designed to help SPs secure their infrastructure. In addition, Cisco and the service provider can partner together to build and deploy security capabilities that the SP can offer to their customers.

Sunday, 8 July 2018

ASR 9901 – More choice and flexibility in your hands

Innovation, quality and customer focus are part of Cisco DNA. Our customers expressed the need to have a platform that is compact, dense, flexible, feature rich and supports programmability.

I’m thrilled to announce the availability of ASR 9901 – a compact Two-Rack-Unit (2RU) platform designed for a wide variety of use-cases across Service Provider, Enterprise and Hyperscale Web providers. It complements nicely our impressive ASR 9000 portfolio.

ASR 9901, Cisco Study Materials, Cisco Guides, Cisco Learning, Cisco Tutorial and Material

The platform is scalable and delivers incredible 800 Gbps of throughput while also providing flexibility in terms of port speeds supporting 1/10/100 Gbps with industry leading MACsec encryption support on all ports. The ASR 9901 platform shares the same Operating System (OS) and custom silicon as the ASR 9000 family thereby providing operational consistency and advanced features such as Segment Routing, Ethernet VPN (EVPN), model-driven programmability & telemetry and other enhancements we brought into IOS XR.

Where does this box fit?


The ASR 9901 fits well into small Points of Presence (PoP), Colocation Centers (CoLo), where typical bandwidth demand is sub 500G but requires port flexibility, high 1G/10G density. The platform paves the way for customers to move to 100GE without having to sacrifice on Edge features. This platform supports broader applications such as Broadband Network gateway (BNG), Distributed Provider Edge, Internet Peering, Metro Aggregation, Data-Center Interconnect (DCI), Data-center/WAN Aggregation and Backbone router functions for Enterprises.

BNG


ASR 9000 as a Broadband Network Gateway (BNG) provides the fastest, densest and most reliable solution in the market. With industry leading geo-redundancy solution, you can let the network take care of maintaining the session states as well as management. The IOS XR BNG solution runs the same code base from a fixed 2RU solution to a multi-terabyte full rack chassis. This gives customers a huge portfolio of options without having to worry about re-validating their solution on every node. Now with BNG being pushed closer to the user, deploying ASR 9901 makes more sense with the system supporting higher BNG scale than the existing fixed chassis with support for automation, telemetry etc.

Distributed Provider Edge


Service Provider customers have been predominantly using the fixed systems as Aggregators and distributed PE’s because the platforms support the same scale as their modular counterparts. Continuing the tradition, the ASR 9901 will support the industry leading multidimensional scale (FIB, QoS) on the new compact chassis.

ASR 9901, Cisco Study Materials, Cisco Guides, Cisco Learning, Cisco Tutorial and Material

DCI


ASR 9000, more specifically ASR 9001 (fixed 2RU), has been deployed by customers as a Layer2 & Layer3 DCI, primarily supporting 10/40G speeds within data-centers. The ASR 9901 with the full support for EVPN & VXLAN capability will be a more viable solution for our customers as the DCI router with Nexus 9K integration through OpFlex .

Central Office Fabric


With customers looking for programmable fabric (CO Fabric) with Segment Routing (SR) underlay and EVPN overlay, ASR 9901 provides the smallest building block for feature rich service termination. Customers can drop in additional service PE’s if they need to support more services. This platform addresses the SR requirements with multiple MPLS label stacks (10 Labels) as well as deep buffers, hierarchical QoS and faster convergence.

In a nutshell, this new platform provides our customers with greater flexibility without having to compromise on features and also move to 100G in Small PoP’s, Colo’s.

Friday, 6 July 2018

Why Your Campus Network Needs Intent

In this blog, we look at the campus network, where IT professionals have traditionally required intricate, expert knowledge and extensive configuration expertise to manage a wide range of technologies and devices arranged in multi-tier switched or routed-access networks, complemented by wireless-overlay networks.

Campus networking can be hard! But help is at hand…


Access networks are at the heart of many IT teams’ operations, yet it can be no easy task for IT teams to authenticate, authorize, segment, monitor, and allocate the appropriate resources in a campus network. However, recent innovations in intent-based networking can bring relief throughout all phases of its operational lifecycle. Let’s explore how.

NB-09, Cisco DNA, Enterprise Networks, Cisco Security, Cisco Certifications

Simplify Provisioning for Campus Networks


With a Cisco intent-based network, administrators can start by automating software-defined-access (SD-Access) network configurations. Switches are added to the network using Digital Network Architecture LAN Automation, leveraging Cisco plug-and-play functionality. The DNA Center then pushes the correct configuration (consistent with the role of the device). The result? Automated provisioning of an entire campus network within minutes.

Manage by Identity, Not IP Address: Group-Based Policies for Endpoints


Before intent-based networking IT had to plan Internet Protocol (IP) addressing and virtual-local-area-network (VLAN) structure to separate users and devices into confined segments. IT teams have also had to take care of the associated Authentication, Authorization and Accounting (AAA) policies. These policies may have:

◈ varied by device type (think IoT) or user-group
◈ treated wired and wireless access differently.

Each device needs to be configured to represent the application policies that IT teams wish to implement for users or end-devices throughout the access network, in order to achieve the desired transport treatment.

In an intent-based network, endpoints are referenced by a natural expression of their identity, as opposed to classification by IP addresses.

Endpoints can then be grouped together based on their natural attributes, and a group-based policy (GBP) can then be applied. A large number of endpoints can then be treated as one – in a single group – which reduces the scale and complexity of the network (from the operator’s perspective). Overall, these natural and highly powerful abstractions can dramatically improve the human understandability and ease of operating a network.

Segmentation policies are abstracted by means of overlay networks.

Users and devices in a group-based policy can then be placed into their own virtual networks that are constructed independently of virtual local-area network (VLAN) tags or internet-protocol (IP) prefixes.

No more mental acrobatics!


In an intent-based-network application, policies – such as quality of service (QoS) – are also applied through the abstracted expression of intent. For example:

◈ applications can be marked (including: “business critical”, “default” or “irrelevant”)
◈ a Cisco DNA controller can then derive the desired configurations to support the intended application policy, taking the controller’s holistic knowledge of devices and state into account.

Automation then drives the desired capabilities into the network. No more mental acrobatics for network managers to determine command-line interface (CLI) commands! And no manual steps to configure each switch (and its operating system) in the network, individually via command-line interface (CLI)!

Express your segmentation policy by first associating devices or users with groups, and then groups to network segments – it’s that simple!

Since segmentation policies are anchored by a group tag in the virtual extensible LAN (VXLAN) frame headers, both wired- and wireless-connected devices can be treated consistently and in a unified manner.

NB-09, Cisco DNA, Enterprise Networks, Cisco Security, Cisco Certifications

Know What’s Going on in Your Campus Network


Comprehensive assurance functions provide a Cisco intent-based access network with major advantages over a traditional switched campus.

Historically network administrators have had limited visibility across a network, and limited tools to confirm that the network is operating as desired. Often, problems were only realized after the fact, when something in the network went wrong.

The assurance functionality of an intent-based network now provides ongoing visibility into network operations. Various forms of network data are gathered, recorded and analyzed continuously using sophisticated algorithms and machine learning to determine if the campus network is behaving as intended.

In case of discrepancies between the desired intent and actual operation, the assurance capabilities can even suggest remedies to take corrective actions.

Wednesday, 4 July 2018

Scaling Visibility and Security within the Operational Technology (OT) Environment

Mid- to large-sized enterprises have for many years built the operational technology (OT) environment like an egg – a hard exterior protected by traditional security elements such as firewalls, IDS/IPS, and malware detection (if you are lucky), but a soft interior leaving critical operational assets at risk against advanced threats and non-existent visibility.

As companies continue to digitize, more and more devices are getting added to the network. Therefore, visibility into the operational network has become critical in order to maintain secured operations. The image below highlights some of the things you may want to consider when it comes to securing the operational environment in today’s threat landscape.

Cisco Study Materials, Cisco Guides, Cisco Learning, Cisco Certifications

Cisco Stealthwatch overcomes the visibility and security analytics challenges by maximizing existing investments in your network infrastructure. It collects the rich network telemetry (NetFlow, sFlow, etc.), and performs a baseline of the network environment using behavioral analytics and multilayered machine learning to detect what is abnormal. We will discuss this in more detail but first let’s discuss the challenges most organizations are faced with today.

A hard exterior may include one, many, or all of the following items: firewalls, intrusion detection/prevention systems, content protection, DNS based controls, malware inspection, and email. These controls and inspection points may exist at the edge of the operational environment and/or within the business network. In the past, this was able to reduce a significant amount of risk to the operational environment but in today’s world it’s no longer enough. A soft interior presents a variety of risks which may include:

◈ Supply Chain: The firmware you downloaded was compromised by a bad actor – would you be able to determine or alarm on subtle behavioral changes to the network indicating something of interest?

◈ Normal Operations: Do you truly understand how the network operates 24x7x365 and are you able to detect changes based on new behaviors? These changes may be related to a security event but also may be based on a misconfiguration.

◈ Localized Malware: Malware introduced to systems from field technicians, contractors, USB keys, etc. Would you be able to detect the changes to the network behavior based on this new threat?

◈ Protection Agents such as anti-virus: Not all of your assets within the operational environment will support agents and/or the vendor will not allow agents onto systems and if installed, the vendor may revoke support. The network provides an opportunity to detect anomalous and/or bad behaviors without an agent

◈ Confidence in the control: Are you certain the controls in place are working 100% of the time. What about the fat finger syndrome when adding a control? Are systems talking to systems they should not be? The network can provide this much needed insight

◈ Compliance/Audit: Today, the audit process may include examining multiple access control lists and requires multiple teams highlighting if a control exists and if the communication to the environment meets the compliance requirement. Does this really ensure that the control was accurate throughout the year or only during the audit? The network can provide you the ability to go back throughout the year and prove the control was in place and no unauthorized communication took place

These are some simple examples of some of the challenges and risks when deploying a hard exterior only. As the operational environment continues to evolve and IP becomes more prevalent deeper within the operational environment, there is an opportunity to gain greater visibility leveraging network telemetry data; something that your operational environment may produce today. Note: not all telemetry data is the same but leveraging a technology that supports multiple network telemetry is advantageous to the consumer allowing for greater coverage.

Some of the benefits of leveraging the network not only include visibility into the operational process but also assists in troubleshooting the environment. I have captured a few of the business outcomes we have seen in customers’ environments as a result of deploying Cisco’s Stealthwatch solution.

◈ Host group zoning (or creating a logical boundary) within the operational environment to alarm on communications activity that violated the logical trust boundary. Business outcome: risks to the environment identified earlier in the process to maintain secure and trusted operations

◈ Anomaly detection discovered a compromised camera port-scanning the network. Business outcome: significantly reduced the time to detect and allowed the team to mitigate the threat sooner. No business operation disruption

◈ Problematic wireless access point on the factory floor that was occasionally flooding the plant floor with goofy packets. Business outcome: issue was mitigated sooner, which ensured that the integrity of the network was maintained

◈ Connectivity aberrations in the distribution network – abnormal but not necessarily an attack. Business outcome: optimized the network ensuring maximum operational uptime before the incident was realized within the operational environment

◈ Systems chatting with things that were supposed to be retired. Business outcome: removal of retired assets reducing the potential threat vector from the environment and optimization of the environment

◈ A spike in traffic that was not an attack itself but an indicator of change that may have disrupted the operational network if left unexamined. Business outcome: quickly identified the issue which allowed the right team to be engaged to mitigate the spike in traffic. This also removed the concern around a potential security breach optimizing resource allocation and reduced mean time to repair.

Cisco Stealthwatch provides deep visibility leveraging metadata (telemetry) from the network providing security at scale. It also integrates with other solutions to do full packet capture in areas where this is required. Stealthwatch can ingest any kind of telemetry from across the extended network including end-points, branch, data center, and cloud. Behavioral-based analytics, machine learning, and global threat intelligence that is 100% out-of-band is a recipe for success both in IT and OT environments!

Cisco Study Materials, Cisco Guides, Cisco Learning, Cisco Certifications

Sunday, 1 July 2018

What is CCNA Routing and Switching?

The Cisco Certified Network Associate (CCNA) certification is the second level of Cisco's five-level career certification process. A CCNA certification certifies a technician's ability to install, set up, configure, troubleshoot and operate a medium-sized routed and switched computer network. This also includes implementing and verifying connections to a wide area network (WAN).

CCNA Routing and Switching, CCNA Study Materials, CCNA Exam, CCNA Learning, CCNA Exam Tips

What are the other CCNA tracks? "Cisco Associate Level Certifications"

CCNA Routing and Switching, CCNA Study Materials, CCNA Exam, CCNA Learning, CCNA Exam Tips

◈ CCNA Security
◈ CCNA Wireless
◈ CCNA Collaboration
◈ CCNA Service Provider
◈ CCNA Data Center
◈ CCNA Cloud
◈ CCDA "Design"
◈ CCNA Industrial
◈ CCNA CyberOps (Cybersecurity Operations)


Which track considered the best?


There are 10 different CCNA tracks. Each of them is valuable but some are more valuable than others. The statistics show that cybersecurity track will be in a great demand in the coming years. Hundreds of thousands of cybersecurity specialists and experts will be in demand each year for the coming few years. So CyberOps will have a great value for the near future and most probably for the long term.

I’m not saying you should go for the CCNA CyberOps right now, I’m just talking about the market demands and statistics. You can read more about the most demanded CCNA certification here → What is the difference between the CCNA exams?

The main point I want to refer to in this topic is that no matter what track/s you decide to study and specialize, you first need to study the fundamentals and basics which you get only in the CCNA Routing and Switching.