Friday, 14 June 2019

MCE: Enabling Customer Success in an Increasingly Connected World

Organizations need to be agile, flexible, and visionary. Now with My Cisco Entitlements (MCE), you have a platform that can help you achieve this.

I am proud to share Cisco’s official introduction of My Cisco Entitlements (MCE) for our customers and partners. MCE is a comprehensive lifecycle management platform that is robust, unified, and secure. Based on Smart Accounts and ISO Compliant Application Programming Interfaces, MCE provides customers and partners the flexibility to self-manage all Cisco IT purchases. We anticipate that MCE will rapidly lead the way in how our customers and partners manage their post-sale Cisco IT assets and entitlements.

Helps Organizations Maximize their ROI and Minimize Risk


This innovative new platform empowers organizations to maximize their return on investment, reduce risk and protect investments. It provides real-time insights into all Cisco services, subscriptions, licenses, and devices throughout their lifecycle. With a comprehensive view, IT and network administrators have the visibility and control they need to make well-informed, cost-effective, and compliant decisions.

IT Teams Drive Improved Business Operations


By generating MCE’s dynamic analysis and reports, IT teams have access to valuable information to drive improved business operations. For example, the last day of support (LDoS), renewals, and subscriptions are effortlessly identified by using sort and filter features. As a result, cost is optimized and risk is reduced as they proactively plan usage and renewal of products and services.

Customers Manage Investments With Cisco More Effectively


Customers can also maximize the return on their investment by leveraging products and services usage insights. This customer-based platform simplifies how end customers manage their investments with Cisco effectively. In the future, Cisco partners can build and monetize asset and entitlement management practices for their customer base.

Taking Smart Accounts to the Next Level – One Unified Platform


As you may recall, Cisco introduced Smart Licensing and Smart Accounts to simplify and streamline software purchases, transfers, and activations for our customers. Built on the foundation of Smart Accounts, MCE takes this same concept to the next level with the integration and management of all licenses, devices, services, and subscriptions on one unified platform. MCE offers customers crucial insight into what they own and how to manage their assets even more effectively. Even better, it provides secure and consolidated user access.

The unified platform has been in pilot for the last five months, with more than 400 customers participating in beta testing. Since we began the pilot program in February, based on customers’ feedback, we’ve been able to uplevel MCE’s capabilities to better serve end users’ needs. Now, MCE is available to anyone who signs up via this survey and has a Smart Account with Cisco.

Customer feedback from our pilot users has been incredibly positive. The most common feedback is that they love the one-view dashboard, sort, and filter features, and how key information, such as the last day of support and service coverage, is consolidated into one view. MCE simplifies the way information is managed.

We continue to integrate future release features and capabilities to enable our customers to be successful in an increasingly connected world – with security as a top priority. We can expect the increased use of telemetry in the coming year will provide proactive device health information and drive automation to workflows as needed to avoid delay and overhead.


My Cisco Entitlements connects your Smart Account, licensing, asset management, entitlement management and services to drive your digital business. As customers continue to find new ways to maximize ROI, reduce risk, and protect investments, MCE is poised to lead the way in the digital transformation era.

In the coming years, it’s imperative that every leader in every industry and organization is in lock-step with the quickly shifting landscape of technologies to be competitive, increase revenue streams, and meet the needs of their customers. MCE is our solution to help meet these needs as technologies become even more and more complex. This solution offers our customers and partners a new way to protect their valued investments and minimize risk.

Thursday, 13 June 2019

Collaboration: A Key Driver for Digital Transformation and the Cisco Story

As I walk around the conference floor here at Cisco Live talking to customers and partners, I’m reminded how exciting it is to work with innovative solutions that are driving real, impactful change in businesses. For my team and me, collaboration platforms and solutions have reached that pivotal stage. Seamlessly connecting people to people, people to systems, systems to systems, ultimately connecting information and accelerating the velocity of quality decision making at organizations. We see this transformation at Cisco, and I also hear it from customers that are working to leverage collaboration platforms to solve their biggest challenges — attracting top talent, improving their team’s ability to collaborate easily, providing a consistent experience anywhere, anytime, and connecting platforms to be able to access the data for decision making while making sure appropriate security and privacy concerns are addressed.

This year, the research firm IDC predicted that “by 2021, 65% of G2000 companies will offer coworking and remote-work options that leverage pervasive access to enterprise and collaboration applications.” That is a meaningful milestone in the Digital Transformation paradigm because it represents three critical changes that are in motion: how technology has changed our expectations in our day-to-day lives; how the workplace environment has unfolded; and how technology has evolved to break down barriers that have historically challenged that progress.

Technology Enabling Workplace Transformation


At Cisco, my team and I are responsible for providing core technology solutions to a workforce of over 140,000 across the globe — employees and contractors. In recent years, collaboration has proven to be a valued tool in our daily work. However, it’s only in the past two to three years that we see just how impactful it can be, including helping to bolster the bottom line by digitizing our business, increasing productivity, attracting and retaining top talent, and reducing the business risk in areas like security and data privacy. The results are significant and measurable and articulate how technology is an enabler of the transformation.


Webex as the Workstream / Webex in the Workstream


The center of our strategy has been Webex, including Webex Meetings and Webex Teams. It functions as the technology hub driving how we share and distribute information and how we meet with one another. It is pervasive across all our devices and buildings around the world. Our primary goal in IT is to create and support a consistent user experience, no matter where and how the technology is used.

More significantly, it’s engineered and integrated with other technologies throughout the workstream to help bind the experience. So, as a user moves from application to application (e.g., Salesforce, GitHub, ServiceNow), the Webex experience breaks down the traditional silos and acts as the common thread, connecting data and information. Plus, its integration with the productivity applications that we use helps our users by simplifying tasks. We’ve integrated Microsoft Office 365 to help simplify everyday tasks like scheduling, correspondence, and content storage.


Managing Change with Data and Insight


One of the key questions I often hear from customers is how Cisco IT plans for and makes decisions about technology rollout and life cycles. I’ve made it a key point in most of my talks here at Cisco Live.

My team and I have molded and follow an outcome-based, data-driven strategy. At the center of that, we work to understand business and workforce needs, and extract and analyze data coming from our systems to understand usage and adoption. We’ve opened up visibility into every detail to help inform our decision making, including more information around how people work, device usage in physical spaces, the number of video calls, and which integrations are critical and which solutions may be laggers.

Through this analysis, our teams can better plan for technology acquisition, rollout, and implementation. However, more essentially, it informs our teams on how to train our workforce in using the technology to improve its adoption — and better understand where the technology may not be the best fit. This approach has helped us drive adoption and usage to the higher percentile of usage of collaboration technology among our workforce.

Finally, through a close partnership we have with our business and product units, our teams are testing, piloting, and implementing Cisco products while they’re still in development. Through this “Customer Zero” program, we’re able to co-create, deploy, and drive needed changes in the Cisco solutions to improve the enterprise readiness and operational manageability.

What Should IT and Business Leaders Watch Out For?


As the backdrop to our planning and strategy in Cisco IT’s Business Collaboration and Software Platforms group, we have identified seven key pillars that help drive our thinking, planning, and analysis:

◈ Scale: Can the solution easily and effectively scale to accommodate our needs across usage, cost, and footprint, not just now but also in the future?

◈ Performance: Does the solution provide the performance capabilities we need with needed quality throughout the infrastructure, whether we’re concerned with our data centers, campus, remote, or the cloud?

◈ Ease of Use: Is the solution easy to use? What type of training is required? Moreover, what are the barriers to our users’ adopting it effectively?

◈ Analytics: Does the solution provide the data and analytics we’d like to see to help inform our decision making and understanding the solution’s effectiveness?

◈ API-Enabled: Does the solution provide the needed APIs to allow systems to connect programmatically, integrate easily with other platforms, and enhance our ability to digitize our business?

◈ Localization: Can the solution effectively address localization issues across our population that must be addressed? For example, can it be calibrated to comply with regional compliance standards like GDPR?

◈ Security: Does the solution have in place security capabilities to respond to security threats proactively, and provide data privacy and governance needed?

Your Collaboration Journey


In a conversation I had with an IT leader at a large enterprise firm yesterday here in San Diego, we were sharing our experiences with addressing the challenges of deploying collaboration solutions that will be adopted by users, while striving to foster the company’s growth. Although we come from different industries, we found ourselves in agreement on what we believe to be essential advice about collaboration we’d give to other IT leaders. It also reflects what I’ve included in my talks.

◈ Understand the business needs and how work gets done across the organization.
◈ Focus on simple, easy-to-integrate platforms that are cloud-enabled.
◈ Leverage the intelligence in your solutions to manage the entire ecosystem, adjusting for capacity and performance. 
◈ And finally, keep security top of mind. 

This is an exciting time for collaboration. It’s more powerful than ever and is having a bigger effect on our organization.

Wednesday, 12 June 2019

Webex: Create Smarter and More Personalized Meeting Experiences

We unveiled some new, innovative features that automate and simplify steps in the meeting process, so you can make the most of your meeting time. We want to improve the meeting experience for everyone — from the host, to your attendees, and even IT. Our goal is to help make meetings smarter, more productive, and more personalized. Through Cognitive Collaboration, you can gain greater insights and build deeper connections for team collaboration.


Get Profiles About Who You’re Meeting


One way we are making meetings smarter is with People Insights, which helps you quickly learn about anyone in the meeting. We announced People Insights in March and it is generally available to customers this month for the desktop app, mobile app and web page. I like this feature because it saves me from having to spend hours doing Google searches and scouring the Web for other sources of information. It works by creating a rich, dynamic profile of everyone who joins your meeting and displays that information in the Webex Meetings participant panel. Meeting participants can edit the information that’s displayed about them through the settings page. Things like photos, bios, news articles, social links, and directory data (if you are in the same company) are aggregated and available for quick viewing.

Put a Name to Every Face in the Meeting


Another way we are making your meeting smarter is with the use of facial recognition. When you use a Webex device for your meeting, the system scans the faces of anyone showing up on the video and is able not only to calculate but also to identify participants by name. It starts with a profile picture that meeting participants submit on the settings page. The Webex device then logs the picture and gives it an identifying number, which represents the participant. When you’re in a meeting, the system will scan the faces of meeting participants and use the same algorithm to calculate an identifying number for the participants. The information is encrypted and then matched against the numbers stored.

Never Miss an Action Item From the Meeting


Transcription in Webex Meetings is another feature. I use it when I need to recap what was said in the meeting or follow up on critical action items. It works by using natural language processing to deliver high-quality transcripts of your Webex Meeting recording. When you record a Webex Meeting, a transcription is saved and will appear during recording playback. You can search for text in the transcript to verify what was said, and when. All I have to do is search the recording for keywords – like my name, for example – and I can quickly review any actions assigned to me or my team.

Deeper Integrations and Interop with Your Collaboration Workflow Tools


At Cisco, we are always looking for ways to build bridges between Cisco and other collaboration solutions you may choose to use every day. That’s why we’ve upped the ante on interop too, by offering more integrated and intelligent experiences with 3rd party tools, from Microsoft, Google, Jira, and Zapier in this latest release.


For example, we improved sharing content in Webex Meetings from within Microsoft Office apps. And starting Personal Meeting Room (PMR) and recording notifications within Microsoft Teams has never been easier. The Microsoft O365 add-on recognizes meetings scheduled from Exchange for automatically synching schedule changes.

We’ve also added improvements for G-Suite users in phase two of our integration work with Google. Important features like scheduling your PMR and ad-hoc meetings, as well as advanced settings like templates, alternate hosts, audio type, and call-in details are available in the add-ons framework. Check them out soon in the Webex meeting settings, inside the Google Calendar interface. In addition, we are now integrated with Google home devices so now you can ask, “Google, what’s my meeting schedule today” or “please play my recording.”

Improve User Management for IT


And we can’t forget IT, an important persona in improving workplace experiences. We’ve made some additional improvements to Webex to help IT manage and make the most of the Webex management experience.

We expanded global audio coverage so more people can dial into Cisco Webex Meetings seamlessly through the public switched telephone network (PSTN). Your users now have access to the broadest global PSTN coverage of any other web conferencing provider, covering nearly 200 countries across all audio plans. This global coverage expansion allows you and your meeting participants to join with PSTN audio from more countries than ever. This increase represents 11 new countries included in our base Webex Flex Meetings offer at no additional cost, and the remaining countries were added to our usage audio offer for additional toll and toll-free coverage.

Last but not least, Webex Control Hub is a single pane of glass that gives IT not just diagnostics, but also the ability to manage users and services. You can drill down on analytics at the individual participant level for detailed, continuous analytics on how an end user’s device is behaving or look at usage to determine whether or not certain services are valuable or need further investment. In this management portal, you can also provision, administer, and manage Cisco Webex services and Webex Hybrid Services, such as Hybrid Call Service, Hybrid Calendar Service, Hybrid Directory Service, and Video Mesh.

These are just some of the ways we are improving the meeting experience.

Tuesday, 11 June 2019

Cisco AI Network Analytics: Making Networks Smarter and Simpler to Manage

Enterprise networks generate a lot of data. A lot. Imagine a network with 6000+ access points, 10 wireless controllers, a data center, dozens of branch offices, and over 10,000 roaming wireless devices covering an area the size of a small city. Every AP collects telemetry on its operating environment, radio performance, interference statistics, and the identities of devices that are connecting to them. The SD-WAN fabric connects distributed branch offices and remote workers to cloud applications and data center resources, managing thousands of connections and traffic flows over the course of a work day.

Trying to manually analyze and troubleshoot the traffic flowing through thousands of APs, switches, and routers is a near impossible task, even for the most sophisticated NetOps team. In a wireless environment, onboarding and interference errors can crop up randomly and intermittently, making it even more difficult to determine probable causes. How long does it take for devices to onboard as they are carried from segment to segment? Is taking 5 seconds to connect to an AP satisfactory or unacceptable performance? Is onboarding time consistent regardless of device density or does it vary unpredictably? How do you measure and compare application performance from SaaS providers to distributed branch offices and remote workers?

The irony of having mountains of telemetry and activity logs awaiting analysis by overworked IT teams is that there is too much noise from too much data for humans to deal with in a timely manner. Machine learning (ML) and applied artificial intelligence (AI) automate the analysis of trillions of bytes of telemetry, radio fingerprints, and network access points to uncover patterns in the chaos, and turn the findings into actionable insights or automated mitigation actions. Where is the nexus of AI/ML for enterprise network analytics? In the Cisco DNA Center and the Cloud.

Cisco AI Network Analytics in the Cloud


For years now, Cisco has been integrating AI/ML into many operational and security components, with Cisco DNA Center the focal point for insights and actions. Now we are adding new capabilities with Cisco AI Network Analytics in the Cloud. AI Network Analytics collects massive amounts of network data from Cisco DNA Centers at participating customer sites, encrypts and anonymizes the data to ensure privacy, and collates all of it into the Cisco Worldwide Data Platform. In this cloud, the aggregated data is analyzed with deep machine learning to reveal patterns and anomalies such as:

◈ Highly personalized network baselines with multiple levels of granularity that define “normal” for a given network, site, building, and SSID

◈ Sudden changes in onboarding times for Wi-Fi devices, by individual APs, floor, building, campus, and branch

◈ Simultaneous connectivity failures with numerous clients at a specific location

◈ Changes in SaaS and Cloud application performance via SD-WAN direct internet connections or Cloud OnRamps

The Worldwide Data Platform leverages a growing knowledgebase of over 35 years of Cisco engineering problem resolutions and AI-derived insights. As patterns are discovered and anomalies uncovered in the diverse ocean of data, alerts with correlated information—such as physical locations, histories, possible causes, and potential remedies—are sent to the corresponding Cisco DNA Centers for evaluation and action by NetOps.

AI Analytics Provides Visibility, Insight, and Action


The AI processes in the cloud perform the logical troubleshooting steps that a network engineer executes to resolve problems, but much faster and against a much larger data set than humans can handle. In large campus networks and remote branch offices, the number of alerts and false-positives for minor to major issues can come fast and furious at times, making triage the first step for NetOps teams. The AI processing helps triage issues by categorizing them according to severity, location, number of affected devices, and the ability to automatically remedy a subset of issues. As a result, NetOps can focus on high-priority alerts instead of hunting through a blizzard of data for disruptive problems. Cisco AI Network Analytics and DNA Assurance provide visibility, insight, and action for resolving network issues and improving performance.


Visibility into Personalized Baseline Behavior

Using machine learning to determine a baseline range for network activity—error rates, onboarding times, application performance, for example—helps spotlight relevant deviations in behavior that impact network availability. Once a personalized baseline is established, NetOps can measure performance over periods of time to determine the effects of network design changes, adding devices, changing segmentation, and adding SaaS application connections to distributed branches. A baseline enables NetOps to focus on significant anomalies rather than the noise of minute-to-minute deviations, saving time and resources for IT projects that add value.


Insights Gathered From Around the World

With a baseline of normal network operations established, Cisco AI Network Analytics examines abnormal behaviors to pinpoint specific issues and their root causes. A knowledgebase of engineering experience—accumulated by Cisco over decades of network monitoring and troubleshooting—works with the patterns and anomalies uncovered by ML in the Worldwide Data Platform to prescribe actions to fix issues. Workers in a remote branch office that are taking longer than the normal baseline to onboard, for example, trigger an alert in Cisco DNA Assurance, along with potential remedies, enabling NetOps to take proactive remediation steps before the delays impact productivity and customer experience.

In IP networks, a problematic event is often preceded by a benign event or series of events. Using the Proactive Exploration features of AI Network Analytics, NetOps can, for example, be forewarned of increases in Wi-Fi interference, network congestion, and office traffic loads. By learning how a series of events are correlated to one another, system-generated insights can help foresee future events before they happen and alert IT staff with suggestions for corrective actions. These insights can recommend changes to Wi-Fi, switch, or application configurations that will improve system performance and user experience, improve issue relevancy, and accurately identify trends and root causes.

AI Network Analytics can also compare activity and patterns among, for example, branch offices, to determine “normal” activity and pinpoint performance issues pertaining to individual sites. Since all the data in Worldwide Data Platform is anonymized, Cisco AI Network Analytics can securely compare a campus network’s performance against other sites of similar size and configuration, helping to identify opportunities for network upgrades while optimizing IT spending.

Action and Guided Remediation from Expert Knowledgebase

Insights lead to action with guided remediation suggestions resulting from the fusion of machine pattern recognition and AI-derived workflows from the engineering knowledgebase. Events similar to those that have occurred in other enterprise sites provide possible solutions that have previously resolved analogous issues. This demonstrates the value of leveraging the Worldwide Data Platform and ML to capture issues that crop up sporadically in networks all over the world and resolve them quickly and efficiently.

Note that participating in the Worldwide Data Platform is optional when using Cisco DNA Center, but not participating will result in more limited capabilities. Even though all data received from customer DNA Centers is anonymized, and each customer has a unique private key for decryption, not participating in the Worldwide Data Platform is an option for organizations that have privacy and compliance issues that limit data sharing.

Intent-based Networking is Smarter and Simpler to Manage with AI Network Analytics


Cisco AI Network Analytics, within Cisco DNA Center, adds another layer of intelligence to Intent-Based Networking, making networks even smarter, simpler to manage, and more secure. Integrating decades of Cisco network engineering experience into the AI Network Analytics platform to continuously analyze network operations and deviations leads to faster problem resolution and thus greater IT efficiency. By identifying the most relevant optimization opportunities for each customer’s unique configuration and usage patterns, IT resources can be allocated to high priority projects providing the most benefit instead of chasing minor fluctuations in network performance.

Cisco will continue to add AI and machine learning to bring simplicity and security to enterprise networks of all sizes and shades of complexity. The more telemetry, operational statistics, and security threat indicators flow into the Cisco Worldwide Data Platform, the more value enterprises using Cisco DNA Center will gain.

Saturday, 8 June 2019

F5 ACI ServiceCenter App Pushes the Envelope in DC Networking Automation


Introduction


In tune with changing technology trends, our data center customers are increasingly adopting a solution-focused approach, instead of a point product one, for managing and monitoring their Data Center operations. This trend is very much pronounced with intent-based networking technologies, such as ACI, that provide customers a cloud-like experience with their on-prem infrastructure. An understandably popular request from our customers – and this was heard loud and clear in our most recent Cisco Live EMEA – is to consume networking and application-delivery services together as a cohesive solution. With the goal to enable customers to do just that, Cisco and F5 have collaborated on an F5 App for the Cisco ACI App Center.

Today, I am pleased to share with you my thoughts on this newly designed F5 ACI ServiceCenter App, a multi-function and operations focused solution, covering its key L2-L7 operational use-cases. You’ll be able to see how customers can leverage its capabilities combined with the speed and flexibility of its host, the ACI App Center.

What does this mean?


Customers want a native ACI solution and a single point of automation and visibility for L2-L7 infrastructures. The F5-ACI App represents a strategic new direction away from the earlier device-package based integration approach. Centered around ease-of-use and customer experience, this App is quick to install and intuitive in its design flow for the end user. This forms the basis for the design innovation of the F5-ACI App addressing flexibility without compromising features, domain expertise, or ease of use.

F5 ACI App – Key Use Cases and Value Proposition


F5-ACI App – Use Cases


1. Enhanced Visibility across Cisco ACI and F5 BIG-IP
(correlation of APIC components and BIG-IP configurations)
2. Configure network connectivity between ACI and BIG-IP
(deploy ACI-to-BIGIP L2-L3 connectivity)
3. Provision application services on BIG-IP from App UI
(use pre-defined JSON files to push custom configuration from App-to-BIGIP)

F5-ACI App – Key Benefits


1. Native and easy deployment from ACI App center
2. Operational model alignment with ACI and F5 users
3. Applicability to “Brownfield/Greenfield” user deployments
4. Consistent with F5’s overall approach towards automation leveraging a declarative automation approach through AS3 from the F5 Automation Toolchain

We are committed to a robust roadmap evolving the App to address the strong demand of this integration by our customers. This is a phenomenal milestone – two industry leaders collaborating to enable our customers with success and cutting edge, yet simple, technology.

Friday, 7 June 2019

Security Analytics and Logging: Supercharging FirePower with Stealthwatch

When we consider network threat detection, most of us immediately think of signature and rule-based intrusion detection and prevention systems (IDPSs). However, it is a little discussed fact that the very first intrusion detection systems, built back in the ’80s, were actually based on anomaly detection!


Those pioneers understood that with the presence of zero-days and the lack of exhaustive black-lists, we needed to use the full range of analytical techniques at our disposal to be effective.

Those anomaly detection roots may not be so evident in today’s IDPSs; however, they were not totally lost. In fact, a whole new branch of network threat detection systems was developed that used those very same anomaly detection techniques. That heritage manifests itself today in so-called Network Traffic Analysis (NTA) tools.

While IDPSs have made detecting the initial intrusion in the packet stream their relentless focus, NTA systems take a very different approach. They generally work on metadata generated from the network, often called network flows, so they can expand our scope of analysis in both time and space to become essential in post-breach analysis, incident response, and even threat hunting situations.

Well, Cisco has arranged a family reunion!

We are proud to announce the combination of our best-in-class IDPS and NTA products, Cisco Firepower and Cisco Stealthwatch. The Security Analytics and Logging (SAL) solution brings the best of perimeter-based protection and detection with the power of visibility and security analytics over the entire network. We believe we have created the most comprehensive network-centric threat protection, detection, and response solution – something that only Cisco is in the position to achieve.

Raising the bar on Network Security


It is very well understood how IDPSs are effective in security protection: blocking activity that can be identified as a threat or that violates some policy. However, we accept that threats still get through, and that is why IDPSs have robust rules-based detection engines based on content-inspection.

But what do we do with all these detections? What if the traffic cannot be inspected? What if decryption is not an option? What if the threat is spreading internally?

Security Analytics and Logging service is specifically designed to augment your Cisco Firepower deployment with security analytics, from the Stealthwatch Cloud platform, to drive improved threat detections and provide the insight needed for more effective protection.

It All Starts with Visibility


The foundation of the solution is the aggregation of the connection and detection logs from Cisco Firepower with the network flows that the Stealthwatch platform collects. Just think about that. A dataset that gives us unprecedented visibility into the entire breadth of your network from perimeter to access, from campus to branch. But that’s not all! That “general ledger” not only contains all the header-based metadata, but now also includes all the metadata and inferences derived from all the deep content-inspection the Cisco Firepower engine provides.

Now you might be thinking to yourself, “there are plenty of tools I can use to gain this type of visibility.” However, in practice the sheer volume, velocity, and variety of the data can lead to staggering costs. The Stealthwatch team has made working at these scales our speciality and because our back ends are optimally engineered for the security outcomes we desire, we can offer this visibility in a much more cost-effective manner.

Security Analytics Driving Rapid Response


With all that visibility comes the opportunity to apply security analytics that can detect breaches that have bypassed the content-inspection based rules at the perimeter.

The security analytics powered by Stealthwatch can achieve this by baselining normal behavior of endpoints on the network in a process we call entity modelling. These models are then used to detect malicious activity based on any changes in behavior and indicators of compromise. The Stealthwatch engine can then combine these observations with others that may come from other parts of the network or even the detection engine in Cisco Firepower to create reliable and useful alerts.
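A simplified sketch of the entity-modelling idea described above, added here as an illustration and not Cisco's or Stealthwatch's own code or algorithm: it baselines each endpoint from flow records, then alerts only when several observations about the same endpoint coincide. The flow tuple layout, thresholds, function names and sample records are all assumptions constructed for the example.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records: (day, src_ip, dst_ip, dst_port, bytes_out)
BASELINE = [(d, "10.0.0.5", "10.0.1.10", 443, 40_000 + 1_000 * (d % 3)) for d in range(1, 15)]
BASELINE += [(d, "10.0.0.7", "10.0.1.20", 445, 200_000 + 5_000 * (d % 4)) for d in range(1, 15)]
TODAY = [
    (15, "10.0.0.5", "10.0.1.10", 443, 41_000),       # matches the baseline
    (15, "10.0.0.7", "10.0.1.20", 445, 205_000),      # matches the baseline
    (15, "10.0.0.7", "203.0.113.50", 22, 9_000_000),  # new peer, new port, large upload
]

def build_models(flows):
    """Entity model per source: peers and ports seen, daily outbound byte statistics."""
    peers, ports = defaultdict(set), defaultdict(set)
    daily = defaultdict(lambda: defaultdict(int))
    for day, src, dst, port, nbytes in flows:
        peers[src].add(dst)
        ports[src].add(port)
        daily[src][day] += nbytes
    return {src: {"peers": peers[src], "ports": ports[src],
                  "mean": mean(list(days.values())), "std": pstdev(list(days.values()))}
            for src, days in daily.items()}

def observations(models, flows, z=3.0):
    """Compare one day's flows with the models; return {entity: [observation, ...]}."""
    obs, total = defaultdict(set), defaultdict(int)
    for _day, src, dst, port, nbytes in flows:
        total[src] += nbytes
        model = models.get(src)
        if model is None:
            obs[src].add("unmodelled_entity")
            continue
        if dst not in model["peers"]:
            obs[src].add("new_peer")
        if port not in model["ports"]:
            obs[src].add("new_port")
    for src, nbytes in total.items():
        model = models.get(src)
        # Floor the deviation so a nearly flat baseline does not alert on noise.
        if model and nbytes > model["mean"] + z * max(model["std"], 1_000):
            obs[src].add("volume_spike")
    return {src: sorted(names) for src, names in obs.items()}

def alerts(obs, min_observations=2):
    """Raise an alert only when several observations agree on the same entity."""
    return {src: names for src, names in obs.items() if len(names) >= min_observations}
```

A single deviation, such as one new port on an otherwise normal day, produces an observation but no alert; that is the point of combining observations before alerting.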

Through this, you get detection of internal and external threats based on the analysis of network telemetry and IDPS logs, all from within Cisco Defense Orchestrator (CDO). From that same interface, you can modify your network-wide policy to immediately deploy a remediation strategy. In addition, CDO is fully integrated with Cisco Threat Response, which allows you to build incident casebooks and drive response actions across the whole of the Cisco security portfolio.

Closing the Loop: Improving Protection through Policy Tuning


Up until now, I have discussed the during and after phases of an attack but with SAL we can close the loop and reason more effectively about the before phase. In this phase we, as security practitioners, try to understand what is actually on our networks and what activity is to be allowed or blocked.

We express this intent through policies that enshrine both threat defense and compliance considerations. But designing and managing these policies across an increasingly complex digital business has historically been a major challenge and can leave many organizations vulnerable to attack.

The insight that SAL brings to the game drastically improves the way you can make policy decisions from within CDO. Through this capability you can query the logs collected from Cisco Firepower devices to play out what-if scenarios and validate the correct behavior of the policy at the enforcement point. In addition, the extended visibility of the rest of the network that the Stealthwatch platform provides can even allow you to determine if traffic is bypassing your enforcement points.
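The two checks described above, as an added illustration that is not CDO's or Firepower's own query interface: replaying logged connections against a candidate policy to see which outcomes would change, and comparing flow records with firewall logs to find traffic that crossed the boundary without being logged. The log and rule layouts, zone prefixes, function names and sample records are assumptions constructed for the example.

```python
import ipaddress

# Constructed firewall connection log: (src, dst, dst_port, logged_action)
FW_LOG = [
    ("10.1.0.10", "10.2.0.5", 443, "allow"),
    ("10.1.0.11", "10.2.0.5", 3389, "allow"),
    ("10.1.0.12", "198.51.100.7", 443, "allow"),
    ("10.1.0.13", "10.2.0.9", 23, "block"),
]
# Constructed flow records from the wider network: (src, dst, dst_port)
FLOWS = [
    ("10.1.0.10", "10.2.0.5", 443),
    ("10.1.0.11", "10.2.0.5", 3389),
    ("10.1.0.20", "10.2.0.5", 445),  # crosses the boundary, absent from FW_LOG
    ("10.1.0.30", "10.1.0.31", 22),  # stays inside one zone, never reaches the firewall
]
# Candidate policy, first match wins: (src_net, dst_net, port or None for any, action)
CANDIDATE = [
    ("10.1.0.0/24", "10.2.0.0/24", 443, "allow"),
    ("10.1.0.0/24", "10.2.0.0/24", None, "block"),
    ("0.0.0.0/0", "0.0.0.0/0", None, "allow"),
]

def in_net(ip, net):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(net)

def evaluate(policy, src, dst, port):
    """Return the action of the first matching rule, or block if none matches."""
    for src_net, dst_net, rule_port, action in policy:
        if in_net(src, src_net) and in_net(dst, dst_net) and rule_port in (None, port):
            return action
    return "block"

def what_if(policy, fw_log):
    """Replay logged connections; list those whose outcome the candidate would change."""
    changed = []
    for src, dst, port, logged in fw_log:
        new = evaluate(policy, src, dst, port)
        if new != logged:
            changed.append((src, dst, port, logged, new))
    return changed

def bypass_candidates(flows, fw_log, inside="10.1.0.0/24", protected="10.2.0.0/24"):
    """Flows that cross the enforcement boundary but have no firewall log entry."""
    logged = {(s, d, p) for s, d, p, _ in fw_log}
    return [f for f in flows
            if in_net(f[0], inside) and in_net(f[1], protected) and f not in logged]
```

Matching flows to log entries on an exact (source, destination, port) tuple is a simplification; real records would also need time windows and NAT handling before a missing entry is treated as a bypass.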

You can then turn around and deploy these highly tuned policies across the entire portfolio of security products right from within CDO! This is an entirely new paradigm that is required to not only scale with your growing network but also help you seamlessly manage policies across your environment powered by intelligence and insight.


Thursday, 6 June 2019

20 Years of Wireless with the Wi-Fi Alliance

In 1999, the idea of connecting to a network wirelessly was mostly a dream. The only device one might want to connect was a laptop, and they were generally expensive and often restricted to the executive suite in larger enterprises. But 1999 was also the year that the IEEE 802.11 Working Group approved the IEEE 802.11b standard, the technological base of Wi-Fi.


However, the mere existence of a standard written by a bunch of smart engineers is rarely sufficient to ignite a revolution. Wireless technology needed a savvy champion, an industry organization to market the technology to the world and ensure it really works in the hands of users. Aironet (acquired by Cisco in 1999) was one of six companies to recognise this need and co-founded the Wireless Ethernet Compatibility Alliance (WECA), also in 1999.

The WECA took on two vital tasks immediately: to ensure the technology really worked in a multi-vendor environment, and to find a better name, one that would resonate around the world. It succeeded in both.

In 2000, WECA changed the name of its technology from Wireless Ethernet to Wi-Fi. Today, the Wi-Fi label is recognized across the globe and Wi-Fi is so valued that, according to at least one survey, people would rather give up beer or their morning coffee than their Wi-Fi.

Technical diligence


In 2000, the newly renamed Wi-Fi Alliance issued its first interoperability certification for an IEEE 802.11b product, operating at 11Mb/s. This certification was the first of over 45,000 product certifications over the next twenty years. As Wi-Fi technology has expanded, Wi-Fi Alliance certifications have kept users confident that their devices will work with products from other vendors. In 2019, users can be sure of interoperable, reliable and secure Wi-Fi access using the latest IEEE 802.11ax standard (now branded Wi-Fi 6) at rates of up to 5 Gb/s.

In the early years of the Wi-Fi Alliance, it was not always clear that Wi-Fi was going to become the dominant wireless access technology. It certainly was not pervasive. I recall IEEE 802.11 Working Group meetings in 2001, where most engineers designing standards for the next generation of Wi-Fi did not even have Wi-Fi access on their laptops; during Working Group meetings we often had to borrow Wi-Fi cards from a big box at the front of the room.

Today, the idea of a laptop not having perfectly-working Wi-Fi connectivity built-in is alien. Every laptop has Wi-Fi, as does just about any device that generates or uses data. Over 30 billion devices have been made with Wi-Fi, from security cameras in homes to badge readers in enterprises to entertainment systems in cars, industrial sensors, and, of course, mobile phones. There are so many devices using Wi-Fi that by 2022, Cisco’s Visual Networking Index forecasts more than half of all global IP traffic will access the network using Wi-Fi. Unfortunately, this traffic includes my Wi-Fi enabled bathroom scale, telling the cloud each morning that I really should do more exercise.

Challenges along the way


Wi-Fi is not perfect and never will be, but the Wi-Fi Alliance has provided a forum for ongoing development and improvement. For example, a flaw in Wi-Fi security was revealed in 2001 in the form of the WEP Debacle, in which it was shown WEP actually provided very poor security. It was almost a death sentence, because Wi-Fi without security is close to useless. Fortunately, the whole Wi-Fi ecosystem, led by the Wi-Fi Alliance, quickly pulled together and defined WPA (as a temporary solution) and then WPA2 (as a solution that has lasted more than 15 years) to ensure Wi-Fi had appropriate security to meet users’ needs. Of course, you can never take your eye off the ball with security. The Wi-Fi Alliance has continued to promote improvement, most recently with the release of WPA3 (with significant leadership from my Cisco colleague, Stephen Orr).

The Wi-Fi Alliance does not always get it right in its certification programs either, but every experience improves the process, and some “failures” hold the keys to future success. The Wi-Fi Direct certification for peer-to-peer communications was technically successful, in terms of the number of certifications, but the technology didn’t see widespread use. The Wi-Fi Alliance has not given up on peer-to-peer communications, though. Instead, it has learned from the experience; there are great hopes that the recently introduced Wi-Fi Aware certification will better meet users’ needs.

The WiGig program for 60GHz access is another example where the Wi-Fi Alliance continues to persevere. This activity started in the Wi-Fi Alliance back in 2010. WiGig is still not yet successful, but it represents a significant opportunity for new spectrum and new use cases. The Wi-Fi Alliance’s ongoing work and perseverance means it is an opportunity that still has an excellent chance of being fulfilled in the near future.

Despite the Wi-Fi Alliance’s “learning experiences” over the years, the key point is that Wi-Fi has been successful because it has always fulfilled a promise to enable anyone, anytime, anyplace to construct a cost-effective solution to solve real users’ problems. And the problems Wi-Fi solves are evolving. In 2000, the problem was connecting a laptop. Today, it is connecting anything to everything in homes, enterprises, factories, transport and public spaces.

The key to fulfilling this promise has been the Wi-Fi Alliance members’ cooperation across the Wi-Fi ecosystem. The Alliance is a forum for making sense of the alphabet soup of standards from the IEEE 802.11 Working Group, and for developing additional specifications as necessary. It’s also the primary forum for bringing vendors together to ensure interoperability of basic Wi-Fi technology as it continues to develop.

Proud to lend a hand


Cisco is proud to have played a role in the Wi-Fi Alliance since 1999. The company has been a driving force in the Wi-Fi Alliance from the very beginning, as a Sponsor member influencing its strategic direction and as a participant in Task Groups and Interoperability Test Beds. The Wi-Fi Alliance has provided a basic interoperable Wi-Fi platform for Cisco to provide innovative features that meet the particular needs of our customers; features including Cisco Compatible eXtensions (CCX), controllers with coordinated Access Points, Cisco CleanAir® interference detection and mitigation, location based solutions such as Cisco DNA Spaces, Application Visibility & Control, Hyperlocation, Flexible Radio Assignment (FRA) of dual 5 GHz radios, Software Defined Access, and Intelligent Capture and real-time telemetry. In many cases, Cisco has contributed our proven features back into the Wi-Fi ecosystem, ultimately with certification by the Wi-Fi Alliance.

After twenty years, the global economic value of Wi-Fi is almost $2 trillion per annum (as of 2018). However, it is not the only globally-used wireless data network. Many claim that cellular data, in particular 5G, will take over from Wi-Fi in several key market segments. But Cisco don’t see this as a game with only one winner.

Cisco project that both Wi-Fi and 5G will succeed, and in fact strengthen each other’s success. Wi-Fi will continue to grow to meet the needs of the local area (in unlicensed spectrum), and 5G will meet outdoor, high-speed needs (mostly in licensed spectrum). They will be better together – especially if users can move between the systems smoothly.

To help bring that vision to life, Cisco recently introduced OpenRoaming, building on the Wi-Fi Alliance’s Passpoint certification, which will allow users easy and secure access to Wi-Fi networks globally via a cloud-based federation of access networks and identity providers – including mobile carriers.

I am proud to have been personally involved with the Wi-Fi Alliance since 2003, most of that time on the Board of Directors, including as Chair of the Board from 2006 to 2011. I participated in its 10 year and 15 year anniversary celebrations, and now its 20 year anniversary. I look forward to watching Wi-Fi continue to grow and develop in the future under the guidance of the Wi-Fi Alliance.