Cisco Threat Response Plugin: Defeat Threats With Just a Few Clicks

One of the best tools in your SOC’s arsenal is something you might already have access to and didn’t even have to pay for. If you already deploy Cisco Umbrella, AMP for Endpoints, Firepower devices, next-generation intrusion prevention system (NGIPS), Email Security, or Threat Grid, then you can immediately access Cisco Threat Response for FREE. As in no charge. Zero extra dollars. No strings attached.

With Cisco Threat Response, customers receive a powerful solution that can streamline and simplify detection, investigation, and remediation of threats. In addition, Threat Response offers a very easy, powerful tool in the new browser plugin (for Chrome and Firefox). By adding the plugin, security professionals now have instant access to threat intelligence and response capabilities directly from their browser. To prove the simplicity of this, let’s use a straightforward example.

For the threat, we will use the Karkoff malware, used in the DNSpionage campaign.

Ah, it seems that Talos has a full spotlight of Karkoff. Towards the bottom of the blog, Talos gives a full report on Indicators of Compromise for Karkoff.

Traditionally, you’d have to manually copy and paste  each file, IP address, etc. from the blog, editing them to remove the defanging “safety brackets”, searching for each one in turn, in each of your telemetry sources – a laborious, manual activity. Cisco Threat Response simplifies this entire process by bringing all of these capabilities to one central source. So, let’s open the Cisco Threat Response browser plugin.

Immediately, Cisco Threat Response identifies 16 observables from this threat intelligence blog. 1 clean. 9 malicious. 6 unknown.

By clicking the malicious and unknown observables, we can tailor our investigation. We will not worry at all about snort.org, because we know Snorty is never up to anything bad!

As an example of how quickly we can take response actions, even before pivoting into Threat Response to do a more complete investigation, let’s look at kuternull.com. It is listed as “unknown.” By clicking the dropdown menu next to it, and pivoting out to other trusted intelligence sources like the Talos database or Threat Grid, we could quickly gather more information to determine a course of action.

For the purposes of simply showing the ease of the plugin, let’s assume we investigated this domain and there is no legitimate business need for our organization to be contacting it. In order to prevent potential malware activity, we will proactively block it now as a first level stopgap while we continue our investigation. Threat Response directly integrates with Umbrella, so we can immediately block the domain across our entire network with one click within the plugin.

Within a few seconds, Threat Response will flash a green banner confirming the blocking of the domain with Umbrella.

Now, after blocking a few domains quickly, our network is certainly better protected from Karkoff, but there is more investigation to be done. A quick click of the “Investigate” button will launch Cisco Threat Response’s cloud-based dashboard.

Cisco Threat Response will automatically load the list of the observables and provide insights with relation graphs, file hashes, and others.

Previously, Security Operations Centers (SOCs) would hear about trending threats and wonder, “Is my network affected by this threat?” To answer that question, it would require a series of manual processes that required investigating observables hundreds of times across the network, and then, writing sufficient policy to defend against these threats. To make life even more difficult, these solutions were often from different vendors and require manual processes to implement across different parts of the next work.

With Cisco Threat Response, within minutes, your SOC can:

1. Identify a trending threat from your SIEM, Talos, other threat intel sources, or virtually any third party product that has a web based interface

2. Identify a list of observables with one click

3. Quickly block domains across the network

4. Launch Cisco Threat Response for further investigation

It is important to note that Cisco Threat Response is a FREE add-on to existing Cisco Security solutions. In the example above, the user has Threat Response integrated with their AMP For Endpoints, Cisco Threat Grid, and Umbrella solutions. In addition, every user of Threat Response automatically gets access to the Talos Intelligence and AMP File Reputation databases for use in Threat Response. While Cisco Threat Response provides significant value when integrated with only one product, it becomes even more useful with each additional Cisco Security solution integration. It offers unparalleled central-management for detection, investigation, and remediation – and the browser plugins bring all those capabilities into any type of web content. Whether it is a blog entry like in this example, any other intelligence source, or the browser-based management console of any Cisco or third-party security or networking product.

Continue reading

Cisco CCIE Collaboration 400-051 (CCIE C): Latest [2019] Exam Guide

Exam Name: CCIE Collaboration Written Exam

Exam Code/Number: 400-051 CCIE C

Exam Overview:  This exam validates that candidates have the skills to plan, design, implement, operate, and troubleshoot enterprise collaboration and communication networks.

Practice Exam: Cisco Certified Internetwork Expert Collaboration Practice Test

Sample Questions: Cisco 400-051 Sample Questions

Continue reading

Manage Interfaces in a Centralized Way with DCNM 11

Today, we’re continuing the discussion by featuring how Cisco’s Data Center Network Manager (DCNM) empowers IT to move at the increasing speed businesses require, giving IT departments complete automation, extensive visibility, and consistent operations for their data center. DCNM is the network management platform for all NX-OS-enabled deployments, spanning new fabric architectures, IP Fabric for Media, and storage networking deployments for the Cisco Nexus-powered data center.

Why DCNM 11?

With its advanced features, Cisco’s DCNM 11 supports the management of interfaces individually at a per device level, a fabric level, or a data center level. This is done either via the GUI or equivalent REST APIs. While many tools provide just about every possible permutation for interface configuration, DCNM 11 comes with best practice interface policy templates that will serve the most common deployment scenarios. For more sophisticated use-cases, the interface policy templates within DCNM can be easily customized to meet the user’s specific needs. In addition, the following interface-related operations are also available:

◈ Create/Edit/Delete of logical interfaces like vPCs, Port-Channels, Loopbacks, Sub-interfaces

◈ Attach Networks and VRFs to interfaces using one click

◈ Configuration Straight-Through (ST) and Active-Active (AA) FEX

◈ Interface operations like admin down/up and show commands using templates

◈ Configuration of Routed, Access, Trunk Interfaces

◈ View history for each interface – who did what, when at an interface level

◈ Check compliance status for every interface

◈ Configuration of breakout interfaces

◈ Interface statistics on per interface or per link basis

◈ Per Interface neighbor discovery using LLDP/CDP

How it works

Interface of Switches discovered by DCNM can be seen by navigating to Control -> Fabrics -> Interfaces. The scope selector allows you to filter the list of interfaces at a Data Center level or at a per fabric level. Various filtering options are available, including the ability to modify interface configuration in bulk. The global interface view provides a combination of information that is configured via the DCNM as well as operational information based run time state.

Interface management at a fabric level

Interface Controls

Per switch level interface management can be done via Fabric Builder with a simple right click sub-menu selection.

Interface management at a switch level

Typically, there are two types of interfaces: network interfaces that represent a inter-switch link or ISL, and host facing interfaces that are typically attached to end points (servers, appliances etc.). An ISL or a link may be further classified as a intra-fabric or inter-fabric link. Intra-fabric links are between devices that are part of the same fabric, while inter-fabric links are typically used for external connectivity out of a fabric. DCNM allows users to pre-provision inter and intra fabric physical and logical links using link policy templates. A link policy template in turn references child interface policy templates, one each for either end of the link.

DCNM then gathers and populates interface level statistics in the health dashboard. Interface and per link statistics – including transmit/receive byte/packet counters, error counters, and more – are available for archival and perusal. Daily or weekly reports may also be generated for interface statistics.

Real-time interface statistics in Topology Page

Topology -> Double clicking a link shows 24 H traffic patters

Control -> Fabric -> Interfaces -> Traffic pattern at an interface level

Interface or link up/down events result in trap notifications that in turn can be used to trigger alarms based on user configured policies. In general, for brownfield deployments, DCNM always preserves the switch and corresponding interface level configuration. DCNM learns the configuration of not only the physical but also the logical interfaces that are present on the switch. Resources such as port-channel IDs, loopback IDs, ip addresses, etc. are also marked as used in the DCNM resource manager. Subsequently, existing interfaces can be edited or new interfaces can be incrementally provisioned via the DCNM for continuous operation.

DCNM features configuration compliance that keeps track of the expected-config/intent defined by the user and the running configuration on the switches at all times. Any drift from the interface intent, including changes made out-of-band, marks the interface, and hence the switch, as ‘OUT-OF-SYNC’. Remediation is suggested by generating a set of pending configuration that will mutate the current running configuration to the current expected configuration (intent) on execution. This brings the interface, and hence the switch, back ‘IN-SYNC’. DCNM’s own resource manager keeps track of all interface configurations, and mutations are backed up at all times for a future rollback.

Interface management from DCNM

Continue reading

Network Automation Using Unified API – Napalm

Before I joined the awesome Cisco DevNet team, I worked for Cisco on two of their biggest cloud platforms as a network engineer.

My old team and I designed and built one of biggest Cisco Data Center footprints AND we did it all manually. Yes, no automation! We mostly used notepad files as templates, with adds, moves. changes, and general fixes added to these ‘golden notepad’ files. Copying and pasting into the command line (CLI) when each Data Center came online.

If a chill went down your spine and you are shaking your head with reading that last sentence, it was as painful as you are thinking. Even the most diligent, keen eyes and obsessed engineer would find it difficult to say that copying and pasting configurations into 15 network devices, including routers, switches, firewalls, and load balancers was going to go smoothly first time. Certainly not when you have over a thousand access-lists and your firewalls are multi-context.

Time to embrace automation

It made me wonder how our SRE looked so fresh faced (not only because their average age was 20 years less than me btw!) and had time to play on the foosball table. They managed, built, and owned five times the product services that our network team did. Our SRE team had automation nailed down! We needed to become more agile and embrace network automation.

Because we had been so diligent on our new Data Center build, the ports lined up per device and everything was standardized. Our SRE team helped with the automation of the ASA firewalls which was our starting point as they wanted to be able to manage and update their services without having to rely on the network team for the changes. Like most network engineers starting network automation, Ansible was our first choice. We could automate our access lists much easier and audit these when the security team asked (which was normally mid Friday afternoon!).

Cisco acquires OpenDNS

In 2015 Cisco acquired OpenDNS. Our network teams were merged into one team. When our teams met for the first time, the OpenDNS NetEng team said/asked, “Our network is fully automated, is yours?”

“Sort of” was our reply. One of the first tasks was learning from the OpenDNS NetEng team how they fully automated their network. This was my ‘penny dropping’ moment (and what I would find later to be the turning point in my career). There is nothing better than being able to learn from someone (or team) how they achieved the goals you want to achieve.

Welcome to NAPALM

The OpenDNS NetEng used NAPALM (Network Automation and Programmability Abstraction Layer with Multivendor support), a Python library that implements a set of functions to interact with different network device Operating Systems using a unified API. NAPALM supports several methods to connect to the devices, to manipulate configurations or to retrieve data. I had been learning Python for around year, but had not done a big project with it yet. Now, here was my chance.

First, as I tell everyone now who is starting network automation, “start with the low hanging fruit – do not try and automate your whole network in one go.” Trust me here when I say, you can break a lot more things with automation and you can break them a lot quicker. (I have been there and own that t-shirt!) The first project was managing our edge routers (ASR IOS XR) using NAPALM network automation.

What can you do with NAPALM?

◈ Configuration replace: Replace the entire running-config with a completely new configuration

◈ Configuration merge: Merge a set of changes from a file into the running-config

◈ Configuration compare: Compare your new proposed configuration file with the running-config. This only applies to configuration replace operations; it does not apply to merge operations

◈ Commit: Deploy the staged configuration. This can be either an entire new file (for replace operations) or a merge file

◈ Discard: Revert the candidate configuration file back to the current running-config; reset the merge configuration file back to an empty file

◈ Rollback: Revert the running configuration back to a file that was saved prior to the previous commit

Let’s have a quick look at using NAPALM with one of the Cisco DevNet Always on Sandboxes, the one we’ll use here is the IOS XE on CSR Sandbox . Start by installing NAPLAM (You need to have Python 3.6+). You can install NAPALM using PIP

pip install napalm

Open the python `repl` on your machine.

$python
Python 3.6.5 (v3.6.5:f59c0932b4, Mar 28 2018, 05:52:31)
[GCC 4.2.1 Compatible Apple LLVM 6.0 (clang-600.0.57)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>>

Start by importing the NAPALM module into Python

from napalm import get_network_driver

You can select the driver you need by doing the following:

driver = get_network_driver("ios")

Create the python code using the IOS-XE always on sandbox information.

device = driver(hostname='ios-xe-mgmt-latest.cisco.com',
... username='developer',
... password='C1sco12345',
... optional_args={'port':8181})

Next, we open a connection the device and pass the `get_interfaces` command.

device.open()
device.get_interfaces()

The information is printed below (dont’ worry if your output is not the same. As this is a always on sandbox interfaces change as people use this)

{'GigabitEthernet1': {'is_enabled': True, 'is_up': True, 'description': "MANAGEMENT INTERFACE - DON'T TOUCH ME", 'mac_address': '00:50:56:BB:E9:9C', 'last_flapped': -1.0, 'speed': 0}, 
'GigabitEthernet2': {'is_enabled': True, 'is_up': True, 'description': 'ConfiguredNetConf', 'mac_address': '00:50:56:BB:77:1A', 'last_flapped': -1.0, 'speed': 1000}, 
'GigabitEthernet3': {'is_enabled': False, 'is_up': False, 'description': 'Network Interface', 'mac_address': '00:50:56:BB:EB:1E', 'last_flapped': -1.0, 'speed': 1000}, 'Loopback99': {'is_enabled': True, 'is_up': True, 'description': 'Developers interface', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000}, 
'Loopback101': {'is_enabled': True, 'is_up': True, 'description': 'Created with Ansible', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000}, 'Loopback102': {'is_enabled': True, 'is_up': True, 'description': 'Created with Ansible', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000}, 
'Loopback199': {'is_enabled': True, 'is_up': True, 'description': 'New Loopback by Priv15 user', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000}, 
'Loopback211': {'is_enabled': True, 'is_up': True, 'description': 'Developers Priv15 Interface', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000}, 
'Loopback231': {'is_enabled': True, 'is_up': True, 'description': 'DEVELOPER PRIV15 INTERFACE', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000}, 'Loopback555': {'is_enabled': 
True, 'is_up': True, 'description': 'Added by xxx', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000}, 'Loopback556': {'is_enabled': True, 'is_up': True, 'description': 'Added by GuGame', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000},
 'Loopback1001': {'is_enabled': True, 'is_up': True, 'description': 'GenieLoop1001', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000}, 
'Loopback1150': {'is_enabled': True, 'is_up': True, 'description': 'Pod Number 1150', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000}, 'Loopback1184': {'is_enabled': True, 'is_up': True, 'description': 'New Interface Created with Genie change', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000},
 'Loopback1250': {'is_enabled': True, 'is_up': True, 'description': 'Pod Number 1250', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000}, 'Loopback1350': {'is_enabled': True, 'is_up': True, 'description': 'Pod Number 1350', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000}, 
'Loopback1450': {'is_enabled': True, 'is_up': True, 'description': 'Pod Number 1450', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000},
 'Loopback5050': {'is_enabled': True, 'is_up': True, 'description': 'Pod Number 5050', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000}, 
'Loopback5150': {'is_enabled': True, 'is_up': True, 'description': 'Pod Number 5150', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000}, 'Loopback5250': {'is_enabled': True, 'is_up': True, 'description': 'Pod Number 5250', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000},
 'Loopback5350': {'is_enabled': True, 'is_up': True, 'description': 'Pod Number 5350', 'mac_address': '', 'last_flapped': -1.0, 'speed': 8000}, 'Port-channel1': {'is_enabled': True, 'is_up': False, 'description': 'This is a port-channel interace', 'mac_address': '00:1E:E5:65:3F:C0', 'last_flapped': -1.0, 'speed': 1000}, 
'Tunnel0': {'is_enabled': True, 'is_up': False, 'description': '', 'mac_address': '', 'last_flapped': -1.0, 'speed': 0}, 'Tunnel1': {'is_enabled': True, 'is_up': False, 'description': '', 'mac_address': '', 'last_flapped': -1.0, 'speed': 0}, 
'VirtualPortGroup0': {'is_enabled': True, 'is_up': True, 'description': '', 'mac_address': '00:1E:E5:65:3F:BD', 'last_flapped': -1.0, 'speed': 750}}

We can make the output more readable, by importing `json` and printing this in `json format`

import json
print(json.dumps(device.get_interfaces(), sort_keys=True, indent=4))

{
"GigabitEthernet1": {
"description": "MANAGEMENT INTERFACE - DON'T TOUCH ME",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "00:50:56:BB:E9:9C",
"speed": 0
},
"GigabitEthernet2": {
"description": "ConfiguredNetConf",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "00:50:56:BB:77:1A",
"speed": 1000
},
"GigabitEthernet3": {
"description": "Network Interface",
"is_enabled": false,
"is_up": false,
"last_flapped": -1.0,
"mac_address": "00:50:56:BB:EB:1E",
"speed": 1000
},
"Loopback1001": {
"description": "GenieLoop1001",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback101": {
"description": "Created with Ansible",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback102": {
"description": "Created with Ansible",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback1150": {
"description": "Pod Number 1150",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback1184": {
"description": "New Interface Created with Genie change",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback1250": {
"description": "Pod Number 1250",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback1350": {
"description": "Pod Number 1350",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback1450": {
"description": "Pod Number 1450",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback199": {
"description": "New Loopback by Priv15 user",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback211": {
"description": "Developers Priv15 Interface",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback231": {
"description": "DEVELOPER PRIV15 INTERFACE",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback5050": {
"description": "Pod Number 5050",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback5150": {
"description": "Pod Number 5150",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback5250": {
"description": "Pod Number 5250",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback5350": {
"description": "Pod Number 5350",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback555": {
"description": "Added by xxx",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback556": {
"description": "Added by GuGame",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Loopback99": {
"description": "Developers interface",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "",
"speed": 8000
},
"Port-channel1": {
"description": "This is a port-channel interace",
"is_enabled": true,
"is_up": false,
"last_flapped": -1.0,
"mac_address": "00:1E:E5:65:3F:C0",
"speed": 1000
},
"Tunnel0": {
"description": "",
"is_enabled": true,
"is_up": false,
"last_flapped": -1.0,
"mac_address": "",
"speed": 0
},
"Tunnel1": {
"description": "",
"is_enabled": true,
"is_up": false,
"last_flapped": -1.0,
"mac_address": "",
"speed": 0
},
"VirtualPortGroup0": {
"description": "",
"is_enabled": true,
"is_up": true,
"last_flapped": -1.0,
"mac_address": "00:1E:E5:65:3F:BD",
"speed": 750
}
}

Finally, we close the connection. It is advised to issue use the `close` to disconnect our session from the device.

device.close()

Great right? But it does not end there NAPALM’s supported network operating systems:

◈ Arista EOS
◈ Cisco IOS
◈ Cisco IOS-XR
◈ Cisco NX-OS
◈ Juniper JunOS

Continue reading

Most Effective Study Techniques | Cisco CCDA 200-310 (DESGN) EXAMS

Exam Name: Designing for Cisco Internetwork Solutions

Exam Code/Number: 200-310 DESGN

Exam Overview:  This exam requires a foundation or apprentice knowledge of network design for Cisco enterprise network architectures. CCDA certified professionals can design routed and switched network infrastructures and services involving LAN/WAN technologies for SMB or basic enterprise campus and branch networks.

Practice Exam: Cisco Certified Design Associate Practice Test

Sample Questions: Cisco 200-310 Sample Questions

Continue reading

Critical Network Infrastructure in IoT Industries

The Internet of Things and the way in which different industries are transforming their business is having a direct impact on the type of networking infrastructure they now require. Digitization, Artificial Intelligence, Machine Learning and Automation are now the main drivers for many companies across multiple verticals to look into new ways of offering their services, running their day to day operations, dealing with their customers and suppliers and become more efficient.

But let’s look first into what we mean by Critical Network Infrastructure. Generally speaking, we refer to the information technologies and cybersecurity systems required to run mission critical applications that support the continuity of normal business and government operations. These systems provide the resiliency to avoid vital network interruptions and non-recoverable failures. They are also characterized by providing High Availability, Optimal Performance and Increased Security.

In the past, before IoT and Digital Transformation became ubiquitous, almost the only companies that required this type of Network Infrastructure were what we refer to as Service Providers or Telecommunications Carriers. These are the organizations that provide telephony, cellular services, internet broadband access and nowadays even cable and video streaming services. Networks are a Critical Infrastructure for this type of companies because their business model has always been based on providing connectivity in one way or another. Up until very recently we have referred to Critical Network Infrastructure simply as SP networking or Carrier infrastructure.

All these has changed as more and more industries require to provide an improved Customer Experience, and while the networking infrastructure was used in the past to provide mainly back-office operations and internal communications services, nowadays whole business operations have to run over this infrastructure and the interaction with the end users relies solely on the low latency,  uptime. and security of these networks.

Critical Information and as a result the data traffic carrying it, is moving closer and closer to the end user, across multiple regions and over very long distances. By the year 2021 up to 41% of all the data traffic will be delivered across multiple countries.

The demand for reliable real-time data is more critical than ever, with the arrival of Smart Homes, Autonomous Vehicles and Smart Cities the expectation is to have Secure, Fast, Simple and Reliable data. This can only be achieved by having High-Performance Networking, Automation & Analytics, Always-On and Secured Trusted Infrastructure to interconnect all of these systems.

Some of the most immediate IoT Use Cases that require Critical Network Infrastructure, and hence where some of the greatest opportunities are for Cisco and our Partners are in the Industrial Verticals and Public Sector. Let me give you a few examples here:

◈ Smart Cities

As more and more cities provide multiple services to their inhabitants, reliability and data privacy becomes critical. Some of the main challenges cities are facing include the effects of urbanization, it is estimated that by 2050 68% of the worldwide population will be living in cities. Shifting economics, sustainability and public safety are also some of the main trends impacting today’s cities. Technology can help solve some of these problems, including Lighting, Parking, Environmental control, Urban Mobility, Water Supply, Safety & Security and Waste Management. A Multi-Services Network including a Connected Communities Infrastructure Layer is required to provide all of these services! And guess what? This is an actual Network Critical Infrastructure, the one we have been talking so much about so far.

◈ Utilities

Power Utilities are also facing a new set of challenges that are transforming the way in which they Generate Energy, operate the Power Grid and interact with their Customers. In the past Customers were only seen as simple Rate-payers, but IoT is turning them into real Clients with high Customer Experience expectations. Electrical Vehicles, Distributed Energy Resources, Renewable Energy and Smart Homes are all shaking-up an industry that has been mainly focused on providing stable electricity supply for over a century. However, Power Supply is and has always been a matter of national security for every country. The electrical power grid is now changing as it has to adapt to all of these new challenges and expectations. The grid is a critical infrastructure that is becoming interconnected and that has to be run over a Critical Network Infrastructure. 

◈ Manufacturing

Over the past few decades globalization has turned the supply chain of almost every product into a multi-national affair. Different parts are manufactured across the globe and assembled in faraway locations. At the same time Digital Automation is turning Discrete and Process Manufacturing into one of the most accelerated verticals for IoT and Digital Transformation. Industry 4.0 is the concept of smart factories where robots and machines are interconnected to a system that can visualize the entire production chain and make decisions on its own.  If we add-up these trends the result is that manufacturing companies need to be able to provide High-Performance, Scalable, Resilient connectivity with very low latency (due to the precision required for many manufacturing processes), while at the same time having a high degree of flexibility across long distances with strong security and policy control. Sounds familiar?

These are just a few industries where the Critical Network Infrastructure that was required mainly by Service Providers in the past is now a “must” for many Industries. I could go on and on, but the idea is just to give you a glimpse into what is possible. Other industries close to my heart such as Transportation, Mining, Oil & Gas and many more are having very similar needs with their own specific requirements and industry trends all being driven and fostered by IoT technologies. And all of them represent a great opportunity for Cisco and all of our Partners.

Continue reading

4 Trends Molding the Future of Customer Service

Technology adoption and consumer behavior shifts have changed customer service forever. The simultaneous rise of mobile computing, social media, and changing demographics have aided a disruption that’s far from over. But as inevitable as change is, most companies are still using a 1995 playbook to solve modern customer service issues.

The issue with that 1995 playbooks is in its results. Eighty percent of businesses think they deliver superior customer service. Only 8% of customers think businesses deliver superior customer service.

It’s time for this to change. Here are four customer service trends that must impact how you interact with your customers from this point forward.

Proactive Customer Experience

While responding to customers online is less expensive than legacy customer service mechanisms like phone or email, the costs are real and the public nature of those pose risk.  Perhaps the best way to invest your resources is to legitimately improve your customer experience so fewer people have any reason to be upset with your business in the first place.

If you’re paying attention to customer feedback, you’re probably aware of the weak parts of your business. You know where and when customer satisfaction is likely to dip. Instead of waiting for your customers to experience those dips, proactively head them off at the pass. The best way to handle unhappy or unsatisfied customers is to eliminate the forces that make them unhappy or unsatisfied.

The best customer problems are the ones that don’t have to happen in the first place.

Self-Service Solutions

If customers can easily and thoroughly address problems on their own, they will. Self-service is an efficient path to issue resolution because customers don’t have to wait on your business to respond.

Self-service makes a lot of sense — on both the customer experience and cost efficiency fronts. According to Forrester, self-service increases customer satisfaction and lowers costs for businesses.

Forrester also found that 72 percent of consumers prefer using a company’s website to answer their questions. Unfortunately, businesses are not universally adept at this approach. Only half of customers can find the information they need online.

The best self-service programs are living organisms. They expand and morph and change to fit customer questions and complaints. To do this, managers must meet often with personnel interacting with customers to discuss what questions and issues are emerging. Many of the questions will be repeats. In fact, one-third of customer questions are common or repeat issues. The objective with self-service is to determine all of those likely questions, and then provide answers to customers in (ideally) multiple online formats.

Community-Based Service

If the most efficient way to get answers to consumers is to give them access to that information in a self-service capacity, the next best approach is to enable support from a customer community.

One of the reasons community-based customer service tools are so powerful is that collectively, the community knows more than any one customer service representative possibly could. These programs also have financial implications. Research from Gartner suggests businesses that implement community-based support can reduce costs by 10 – 50 percent. There’s another business benefit to these programs: Online communities can also breed deep insights that allows businesses and organizations to change their offerings, communicate more effectively, and enhance customer service when it does not need to be provided on a one-to-one basis.

Mobile Messaging Apps

Messaging has fundamentally changed the way we communicate with each another, and it’s making this transformation with gusto. According to Statista, Facebook Messenger has more than 1.3 billion active monthly users. WhatsApp (owned by Facebook) has more than 1.6 billion active monthly users, and WeChat is nearing 1.1 billion.

Messaging has transformed the world of customer service, changing the way people expect to interact with your business. Mobile usage studies show Americans are sending texts five times more often than they’re picking up the phone. In Asia Pacific and Latin American countries, those same studies show a strong preference for the aforementioned chat apps billions of people are using globally. In the U.S., this trend is even more prevalent with younger generations: 36 percent of Millennials would contact a company more frequently if they could text. Messaging apps are bigger than social networks and SMS. When it comes to younger generations, messaging dwarfs communications vehicles like email and phone calls as well.

Messaging apps are the biggest force in communication today, and their functionality for one-to-one messaging has everything you need for customer service. They’re private, which companies love. They’re persistent, which customers love. They’re real-time, and they’re asynchronous. Asynchronicity is one of the key factors that make messaging apps so convenient and powerful. A consumer can start a conversation with a business, do something more important, and pick up the same conversation where she left off 10 or 20 minutes later. Gone are the days of being on hold and gone are the expectations that being on hold is normal.

Not to mention the fact that messaging apps often get better satisfaction ratings than any other CX channel, including phone calls.

If you haven’t already, archive the playbook from 1995 and adjust how your business delivers customer service to meet the expectations of today’s customer.

Continue reading