Weathering the Storm with Webex

Webex tools for disaster relief 

Storm Emma hit the coasts of Ireland in late February 2018. Towns and cities across the country were slammed with the bleakest snowstorm in almost half a century as a cold front travelling in from mainland Europe plunged the country to record low temperatures and buried many regions in over 2 feet of snow. Gale force winds compounded the relief efforts causing widespread disruptions to roads, rail and air travel. As a national emergency was declared, a co-ordination team assembled in Dublin to liaise with multiple authorities handling the response efforts across the country.

Recently, I met with Bryan Humphreys, Information and Communications Technology Project Leader for Cork County Council, to discuss his local authority’s response to the storm.  Bryan explained the unique challenges his team faced, “Cork County is the largest local authority by geographic area in Europe. However not only is it a large region, we are responsible for a county which has remote areas with mountainous and rugged terrain, and over 1,000 kilometres of coastline. We needed to equip our emergency teams to deal with all situations and to empower them with real-time and relevant information at their fingertips to allow for rapid and safe responses, especially during such conditions experienced with Storm Emma.”

County Cork’s rugged coastline and terrain

Responding to a natural disaster

Bryan and his team deployed Webex in late 2017 after witnessing other collaboration tools failing to deliver on original promises. Initial deployment started with a Webex Board in the Cork city headquarters and the team rapidly expanded their footprint in the ensuing months. Bryan’s team and the local authority make use of Webex devices and Webex Teams daily but the challenges which came with Storm Emma really exemplified to Bryan the power of the integrated Webex platform.

“Some of our response officers were equipped with tablets running Webex Teams letting us share critical information such as weather forecasts, maps and building blueprints. Our teams on the ground were able to respond effectively and efficiently in these life-threatening conditions. Our incident response vehicles were equipped with Cisco Webex devices which allowed our teams to join meetings from isolated and inhospitable areas. In some instances, we had remote teams dialled into a Webex session which ran for over 9 hours!”

“I can give examples of how first responders used Webex Teams to share insights into weather patterns to ensure their job was executed as efficiently and safely as possible, ensuring our responders returned home safely at the end of the day.”

“The Cisco Collaboration solution allowed us to run our crisis management team remotely. Back in our Cork offices in the south west of Ireland, we used the Webex Board to dial into national central crisis management meetings with government agencies situated out of Dublin.”

“Webex is now so central to our operations that we could not have managed such efficient responses to incidences without it. We have several Webex Boards in our offices in Cork, we’re using Webex Share in our meeting rooms, and our departments collaborate on Webex Teams. We’re looking at developing pods in our offices with DX80 units and the Webex platform opens up the possibility for remote working.”

For Bryan and his team, choosing Webex brought collaboration to new heights. “For us it was a no brainer. The quality and ease of the Webex platform was excellent, and in responding to some of the worst storms to ever hit Ireland, the Cisco Collaboration solution has been pivotal to our communications. Other local authorities in Ireland are now witnessing the power of the Webex platform and what we’re achieving in Cork and they too are exploring Webex as a model for their teams.”

The power of Webex has become central to Cork County Council’s response to national emergencies with storms becoming more commonplace with changing climate patterns not just in Ireland but around the globe. Cork County Council’s use of Webex and its applicability both in responding to emergencies and in an everyday working flow exemplifies the power of Cisco’s Collaboration tools and how Webex Teams can solve local authority’s collaboration needs.

Continue reading

Automated Networks for Flexible Manufacturing Cell’s

Competing in the industry as a manufacturer isn’t just about controlling costs. It’s about building an agile company that can deliver exactly what the market demands—today and tomorrow. Yet as product lifecycles get shorter every day, it doesn’t make things any easier in a mass production environment. So meeting customer needs today now requires you to not only keep operations efficient but also flexible—So you can respond quickly to each specific customer order and scale to the ever-demanding needs of the operations and manufacturing teams. 

Manufactures have been faced with a dilemma. A dilemma they only deal with when orders are not shipping.  For instance there is the minimum equipment needed to make the product which has a known but more often an unknown maximum yield. The schedule is based on the time it takes to make product which is equal to or less than the maximum yield of the machine.  When the yield falls below the schedule the unit profit is then lost and may be unrecoverable.  What makes this more difficult is that production lines are built for long runs of a given product.  These productions lines are not easily changed to build a different product.

This inability to change easily creates a financial boundary for many manufactures.  They won’t even attempt low volume production thus keeping some products off the market entirely or the manufacturing is moved offshore to a location with a low labor rate for manual manufacture. 

Manufactures have long wanted to be able to accurately measure yield.  Improve yield and you improve profits.  This assumes the schedule to meet orders approaches 100%.  If the orders for a given product falls can the line be easily reconfigured for another product?

One of the systems that may also need to be reconfigured is the network.  Cisco has been working to make network changes easy, even automated.  Therfore it was fortunate to come across the folks at the Commonwealth Center for Advanced Manufacturing (C-CAM) near Richmond Virginia.  They have just received a grant from the National Institute of Standards and Technology (NIST) to research the viability of the flexible manufacturing cell.  The purpose is to develop a profitable easily reconfigurable production cell for short and varied production runs.

To get the data from the production equipment will require a well–connected network.  So that well–connected network can and should include data collection via embedded edge computing.  Security for in plant and remote access to the data.   We believe that C-CAM is onto something that can revolutionize manufacturing in the U.S. and Cisco is proud to be participating with NIST and C-CAM in this endeavor. 

Continue reading

Nexus and MDS Management & Automation Made Simple!

As customers move to architect their data centers to support cloud model to enable them to respond quickly to business needs, software management and orchestration plays a key role in making that happen. Simply put you need software that easily integrates with existing infrastructure and provides ease of fabric automation and flexibility, visibility, troubleshooting and operation.

DCNM Dashboard with Customizable Dashlets

Cisco Data Center Network Management (DCNM) has evolved over the years to support such function and need for Nexus switches. The power of the NX-OS with DCNM can accelerate IT efficiencies operational model.

Let’s look at the newly released DCNM version 10 with the built-in data base and high availability:

Fabric automation – DCNM allows customers in Day 0 operation to make big fabric deployments easy, leading to lowered Opex. With Power-On Auto Provisioning (POAP), validated templates and definable fabrics, DCNM lets customers normalize fabric images, devices, provisioning methods, and Fabric underlay settings for reliable, consistent fabric behavior.

DCNM POAP Navigator

Defining New Fabric

Selecting a Validated VXLAN-EVPN Template

Fabric flexibility – Great for brownfield or greenfield deployments whether you have VxLAN, FabricPath and/or VLAN fabrics. Customers who have N7K/N5K and now thinking about VXLAN/IP Fabric — DCNM has you covered and lets you integrate Nexus 9K platform seamlessly. Only the Encapsulation and underlay Templates change.

FabricPath and VXLAN/IP Fabric templates for Nexus 7000

Fabric visibility – Very easy to visualize switches, links, health, vPC connections, FEX, End to end fabric view of network, virtual machine and storage.

VXLAN/IP Fabric and FabricPath on interactive topology view

Large Topology View with Storage

Fabric troubleshooting – in Day 1 & 2 operation, DCNM provides a view of the overall fabric, shows overlays regardless of encapsulation type (e.g. VXLAN or FabricPath), simplifies fabric troubleshooting and helps find things across the enterprise using multi-site/search (Aggregated DCNM search views across multiple sites)..

DCNM Multi-Site Manager

Fabric operation and automation – Engineer and customize the fabric solutions ahead of time to meet your business needs. Consolidate and automate current and next-gen overlay technology (VxLAN and FabricPath) on the same topology/manager. Integrate Border/Edge Router to the fabric seamlessly. Scale to many hundreds of devices.  Automate workload deployment for physical or virtual workloads and integrate with virtual machine management (e.g. OpenStack, VMware, UCS Director). Engineer deployment scenarios with a large library of customizable Configuration Profiles.

Fabric Automation Profiles for almost any Host automation scenario

Best of all, DCNM is designed to provide investment protection for customers allowing them to run across all Nexus platforms as well as MDS storage.

Continue reading

Using the Cisco DNA Center SDK

Background

What is a Software Development Kit (SDK)?  Put simply a set of tools, libraries and documentation to simplify interacting with a REST API.  I am super excited, as I know how much simpler it is going to make developing scripts for the Cisco DNA Center API.

The Cisco DNA Center SDK is written in python and provides a python library in PyPI and associated documentation.  PyPI is the official python package index, and simplifies installation of the library.

I am going to assume you are familiar with Cisco DNA Center API, so focus on installing and using the SDK.

Installing the Cisco DNA Center SDK

The SDK is available via PyPI, so all that is required is “pip install”

I would recommend using a virtual environment. This is optional, but means you do not require root access and helps keep different versions of python libraries separate.   Once created, it needs to be activated, using the “source” command.

If you logout and back in, activation needs to be repeated.

python3 -m venv env3
source env3/bin/activate

To install:

pip install dnacentersdk

You are now able to use the SDK.

Using the Cisco DNA Center SDK

This is super simple.  In the past, I needed  lots of python code to get an authentication token, then wrap GET/PUT/POST/DELETE  REST API calls.

Using the SDK is so simple, I am going to use the python REPL (the python interactive console).   To start it, simply type “python” on the command line

$ python
python 3.7.2 (default, Jan 13 2019, 12:50:15) 
[Clang 10.0.0 (clang-1000.11.45.5)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>>

First create a connection to DNAC. Go into the REPL (above) and paste the following commands:

from dnacentersdk import api
dnac = api.DNACenterAPI(base_url='https://sandboxdnac2.cisco.com:443',
username='devnetuser',password='Cisco123!')

For this example, I am using the DevNet sandbox. If you want to use your own DNAC, just change the base URL and credentials. You might also require “verify=False” if you have a self signed certificate.

In the past this would have been complicated. I needed to get a token, and then make sure I used that token as a header for subsequent requests. This is all taken care of with the creation of the api.DNACenterAPI object.

Now, for the first API call. This call gets all of the network devices, and the for loop prints out the managementIP address. Note that an object is returned, rather than a json structure.

devices = dnac.devices.get_device_list()
for device in devices.response:
    print(device.managementIpAddress)

This shows all of the steps with their output

$ python
Python 3.7.2 (default, Jan 13 2019, 12:50:15) 
[Clang 10.0.0 (clang-1000.11.45.5)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> from dnacentersdk import api
>>> dnac = api.DNACenterAPI(base_url='https://sandboxdnac2.cisco.com:443',
username='devnetuser',password='Cisco123!')
>>> devices = dnac.devices.get_device_list()
>>> for device in devices.response:
...     print(device.managementIpAddress)
... 
10.10.20.51
10.10.20.81
10.10.20.82
10.10.20.80
10.10.20.241
10.10.20.250
10.10.20.242
10.10.20.243
10.10.20.244
10.10.20.245
10.10.20.246
10.10.20.247
10.10.20.248
10.10.20.249
>>> 

Documentation

How do you know what methods are available to call? Official documentation is available https://dnacentersdk.readthedocs.io/en/latest/api/api.html

The API is structured around groupings of endpoints. For example, all of the endpoints for network-devices are under “devices”. In the example above, dnac.devices.get_device_list() returns all network-devices.

You can also take advantage of python’s introspection capabilities.

In the example above, a dir(dnac) will return all of the properties and methods for the dnac object. The ones of interest are highlighted

>>> dir(dnac)
['__class__', '__delattr__', '__dict__', '__dir__', '__doc__', '__eq__', '__format__', '__ge__', '__getattribute__', '__gt__', '__hash__', '__init__', '__init_subclass__', '__le__', '__lt__', '__module__', '__ne__', '__new__', '__reduce__', '__reduce_ex__', '__repr__', '__setattr__', '__sizeof__', '__str__', '__subclasshook__', '__weakref__', '_session', 'access_token', 'authentication', 'base_url', 'clients', 'command_runner', 'custom_caller', 'devices', 'fabric_wired', 'file', 'network_discovery', 'networks', 'non_fabric_wireless', 'path_trace', 'pnp', 'session', 'single_request_timeout', 'site_profile', 'sites', 'swim', 'tag', 'task', 'template_programmer', 'verify', 'version', 'wait_on_rate_limit']

You can then use the help() function to get more information about the particular methods available. In the example below, help for dnac.devices will show a method of get_device_list() which returns all of devices in the inventory.

>>> help(dnac.devices)

Continue reading

Why 20,000 Customers Trust Cisco for SD-WAN Solutions

For the past two years, I have been proud to work on bringing the next generation of SD-WAN technology to our customers. We’ve achieved great success, at significant scale. We’ve learned a lot along to way, as have our customers. It’s safe to say that adopting SD-WAN is important to them.

Today, we can disclose that over 20,000 customers trust Cisco for SD-WAN solutions across our Viptela and Meraki lines (as of Q1, FY2020). We have deployments across industries, and around the world.

Backbone of the Modern Enterprise

IDC research shows that almost 95% of the enterprises they surveyed expect to be using SD-WAN within 24 months. This tracks with our own metrics: As of August 2019, 70% of the Fortune 100 are using Cisco’s SD-WAN solutions.

Clearly, SD-WAN is a critical technology for businesses adopting cloud services. It is the common connective tissue between the campus, branch, IoT, data center, and cloud. It brings all the network domains together and delivers the outcomes business requires. It must align user and device policies, and provide assurance to meet application service-level agreements. It must deliver robust security to every device, and every cloud, that the enterprise’s data touches.

Every customer is looking for agility, but not at the expense of security, visibility, or control.

The transition to SD-WAN is accelerating, thanks to the pervasive adoption of cloud services. Today’s businesses are adopting clouds apps like Microsoft’s Office365 productivity suite and many other SaaS apps. Our surveys show our customers have, on average, 30 paid SaaS applications each. And that they are actually using many more: over 100 in several cases.

As our customers reach these levels of cloud usage, they quickly find that their WAN architectures must change, as well as their entire approach to security. Our customers need to maintain choice and control as their WAN stretches over networks that are outside their control.

Cisco SD-WAN offers simplicity, cost savings, scale, application performance, security, visibility, and investment protection.

To help them grapple with the different public clouds, SaaS apps, colocation facilities and the different types of connectivity available, customers are looking for a trusted advisor to help them navigate the maze of options. What they can’t accept are WAN solutions that require compromise, like getting better application experience, but at the expense of security.

Cisco provides the most secure cloud scale SD-WAN. It is part of our wider strategy to deliver multi-domain networking with an intent-based architecture.

Secure and Cloud-Scale – Why customers trust Cisco

The only way for Cisco to make the move to SD-WAN work is to listen to and collaborate with our customers and partners. We have been doing this for years and will continue to do so. It’s why we are, and will remain, the market leader.

For example, National Instruments was facing the need for drastically more bandwidth across its 88 sites. But the network team’s budget, and its reliance on existing networking links, wasn’t up to the challenge. Stopgap solutions were adding complexity and frustrating employees.

We partnered with National Instruments to bring their WAN under control, with Cisco SD-WAN powered by Viptela. National Instruments’ new network has 30 times the bandwidth of their previous solution, it’s easier to manage, and it’s less expensive to run.

As Luis Castillo, Global Network Team Manager for National Instruments said, “Having more bandwidth at our sites means that our WAN issues aren’t impacting business operations. Software updates that used to take eight hours to replicate across the network now take 10 minutes. We don’t have to bother with call admission control or limiting video quality or the other measures we had to take to deal with bandwidth constraints. We have been unbelievably impressed with the performance, reaching numbers we’ve never been able to before, while at the same time reducing costs like never before.” 

In Australia and New Zealand, the plumbing company Reece Group, with 5,000 employees over 600 branches, had embarked on a digital transformation. Peter Castle, a Network Administrator, told us the company wanted to provide an always-connected workplace, for all its staffers across all its locations.

Reece went with Cisco SD-WAN to be able to deploy new apps and features, bring up new locations quickly, and prioritize network traffic for cloud applications. Castle said that with Cisco SD-WAN, “My life as a network administrator is significantly easier. To deploy new configurations and policy changes across the entire network, what would have taken a very long time previously, touching many devices individually, now takes a matter of minutes.”

In banking, we’ve worked with customers like Associated Bank, Wisconsin’s largest bank. The institution has over 5,000 employees over more than 250 branches. After evaluating eight SD-WAN platforms for security, traffic management, scalability, and simplicity of operation, they installed the Meraki MX platform to meet their needs. Associated’s network architect Tim Larson says this solution saved the company over $500,000 annually while improving its average bandwidth to branches by 7,800%.

I’m  proud of what we were able to do for National Instruments, Reece Group, Associated Bank, and thousands more SD-WAN customers. Our portfolio is the broadest and the deepest in the industry, and we look forward to working with even more businesses who have their own unique needs.

Simplicity, cost savings, scale, application performance, security, visibility, and investment protection. Combined with our world-class partners and global support and services, we are delivering peace of mind while accelerating our customers’ cloud strategies.

Continue reading

AlgoSec Security Management Solution available on Cisco Global Price List

Today marks an important milestone for Cisco’s Data Center offerings to our customers with the unveiling of a new ACI technology ecosystem partner solution. We are pleased to announce availability of “AlgoSec Security Management Solution” on Cisco’s Global Price List.

“AlgoSec Security Management solution (ASMS)” has delivered tremendous value to our joint customers across the world, with its ability to extend ACI’s policy-driven automation to security devices in the fabric, helping them automate policy enforcement for security devices in the fabric and ensure continuous compliance across multicloud ACI environments. To make it easier for our customers to procure that solution, we onboarded AlgoSec to Cisco Global Price List through Cisco DevNet Solutions Plus Program. Now Cisco’s direct and channel sales network can offer AlgoSec’s solution together with Cisco networking products as a single package. For details on AlgoSec solution orderability, check Cisco commerce.

What makes this solution compelling for you as a Cisco customer or a partner? Rapidly changing business needs and application connectivity requirements in modern data centers pose big challenges to ensuring compliance and security. With thousands of firewall rules across many different security devices, frequent changes, limited visibility and lack of trained security personnel , managing security policies manually is now impossible. This is where ASMS (AlgoSec Security Management Solution) comes in.

ASMS automates and orchestrates network security policy management, maps and migrate application connectivity, and proactively analyze risk to applications risk –  across any cloud and on-premise networks.

AlgoSec integrates with Cisco ACI to extend ACI’s Application centric policy- based automation to AlgoSec managed security devices across their data center, on its edges and in the cloud. AlgoSec Security Management Solution for ACI enables customers to ensure continuous compliance and automate the provisioning of security policies not just across the ACI fabric but also across multi-vendor security devices connected to ACI fabric, helping customers build secure data centers. The solution is based on Cisco APIC and ASMS integration to deliver a powerful multi-tenant, policy-driven, application-centric model for network security. Read Solution brief for details.

The AlgoSec Security Management Solution comprises three key components – AlgoSec Firewall Analyzer, AlgoSec Fireflow, and AlgoSec Application Connectivity Management.

AlgoSec Firewall Analyzer (AFA) – Network Security Policy Analysis, auditing and compliance

AlgoSec Firewall Analyzer delivers visibility and analysis of complex network security policies across Cisco ACI, firewalls attached to ACI fabric and other upstream security devices. The solution automates and simplifies security operations including troubleshooting, auditing policy cleanup, risk and compliance analysis and audit preparations.

AlgoSec FireFlow (AFF) – Security Policy Change Automation

AlgoSec FireFlow helps you process security policy changes in a fraction of the time, so you can respond to business requirements with the agility they demand. FireFlow automates the entire security policy change process — from design and submission to proactive risk analysis, implementation, validation and auditing with the support for automated policy enforcement on Cisco ACI and multi-vendor security devices, including Cisco ASA & FTD, Check Point Software, Fortinet and Palo Alto Networks.

AlgoSec Application Connectivity Management: AlgoSec AppViz & AppChange

The AppViz (Application Visibility Add-On) add-on accelerates identification and mapping of all the network attributes and rules that support business-critical applications – making it easier for organizations to make changes to their applications across any on-premise and cloud platform, and to troubleshoot network and change management issues across the entire enterprise environment.

AlgoSec’s AppChange (Application Lifecycle Change Management Add-On) automatically translates and implements network security policy changes on all relevant devices across the entire network to reflect specific connectivity requirement for applications. This saves time for IT and security teams and eliminates manual errors and misconfigurations. AppChange addresses the critical issues of human error and configuration mistakes that are the biggest causes of network and application outages.

These components are offered as independent software licenses and bundles on Cisco’s Global Price List.

In summary, the AlgoSec Security Management Solution integrates with and complements Cisco ACI Anywhere, providing consistent security policy management and visibility across data centers and clouds.

Continue reading

Our focus on security in an open collaboration world

Interoperability and openness should never be a trade-off with security, and our users shouldn’t believe they need to sacrifice one over the other. Interoperability and security can and should work in unison, and this requires today’s software companies to work with some basic norms on how we collectively secure our mutual customers.

Cisco has created a rich partner, developer, and integrator ecosystem so our customers have the flexibility and choice to super-charge their tools and workflows with our collaboration technologies, seamlessly.  We are serious about interoperability with the tools you love and use every day. Some examples of the work we have done in this regard include our native integrations with Google, Apple, Microsoft, Slack and more.

This flexibility, choice, and interoperability, however, must come with zero compromises on security and data integrity.

Unsupported collaboration integrations could lead to increased customer risk. Compatibility and security can be challenging, and that is why we will only support third-party collaboration vendors who meet our security standards and who integrate with our products and services through our supported open APIs.

Zoom Connector for Cisco Issue: Interop between Zoom and Cisco Video Devices

Cisco was notified of a serious security risk with the Zoom Connector for Cisco on October 31st, 2019 and followed our well-established process to investigate the issue. We believe Zoom had also been notified on October 31 or thereabouts.  On November 18th, our CISO notified Zoom’s CISO of our findings and advised immediate action to address all security risks. I am sharing the details of this issue as we are committed to transparency and to protecting our customers in the constantly evolving security landscape.

The Zoom Connector for Cisco, owned and operated by Zoom Video Communications, connects their cloud to a customers’ internal network and specifically a Cisco Endpoint/Video Device and its management interface.

What was the issue? Regrettably, the access (through a Zoom URL) for the Zoom Connector for Cisco hosted on zoom.us was accessible without authentication.

Issue details: Cisco Webex Devices can be managed through a web interface that provides management of configuration, status, logs, security and of integrations such as in-room controls and macros. The Zoom Connector for Cisco created a device specific URL hosted on the Zoom website for each endpoint configured in the connector. This URL provided access to the device’s web interface by using Zoom’s on-premises API Connector to modify the Cisco web pages so they could be accessed from the Zoom URL outside the customer’s network. Regrettably, this Zoom URL provided from their website was accessible without authentication. In addition, Zoom provided a landing page that copied Cisco’s landing page, including Cisco’s logo and brandings, misleading customers into believing they were on a Cisco webpage with Cisco security, rather than a publicly accessible URL.

The Zoom Connector for Cisco created the following critical security risks:

1. The Zoom URL did not require credentials. Anyone with knowledge of the URL could access it from the public internet, allowing unauthenticated access to a Cisco Webex Device configured and managed through the Zoom Connector for Cisco. Once a person had the URL, they could reach the endpoint directly and control it, including creating a call from that endpoint to eavesdrop onto critical business meetings.

2. Zoom exposed Cisco Webex Devices to perpetual administrative exposure by placing itself between the user and the Cisco interface, modifying the Cisco webpage using unsupported methods through a Zoom URL, thereby bypassing all Cisco Security norms. The Zoom URL did not expire during our testing period. Even when the Zoom administrator changed their password, the Zoom URL managing the Cisco Webex Device lived on.

3. The Zoom URL link did not get revoked if the Zoom administration password was changed or upon deletion of a Zoom administrative user. Thus, an ex-employee would continue to have access to the devices through the firewall from the public internet, if they had the Zoom URL stored in their history.

On November 19th, 2019, Zoom released a “bug fix” that partially addressed the security issues and, after further communication from Cisco, provided an email with incomplete information on the security risks to their affected customers.

Our promise to our customers

At Cisco Webex, we live by secure, simple, and scalable principles. Over my decades in the software industry, I have learned that it is never acceptable to bypass security norms for the sake of convenience and simplicity. And when so much sensitive data is being shared through video conferencing, including the ability to use a device’s camera, security must be of utmost importance. That is the promise we at Cisco hold dearly for every one of our customers, and embodied by the steps we took for this issue:

1. We take every notification seriously, especially from our customers.

2. We engaged our Cisco Product Security Incident Response Team (PSIRT)and the Talos Security Intelligence and Research Group (Talos) to investigate this security risk. The Cisco PSIRT team is a dedicated, global team that manages the receipt, investigation, and public reporting of security vulnerability information related to Cisco products and networks. Talos is made up of leading threat researchers supported by sophisticated systems to create threat intelligence for Cisco products. Cisco has well established practices for investigating and reporting security issues (https://tools.cisco.com/security/center/resources/security_vulnerability_policy.html), and cooperates with industry in researching security issues.

3. As I noted previously, these findings were shared with Zoom on November 18th, 2019.

4. We all live in a heightened state of alert, ready to act proactively as and when notified. Each of us have, over the years, had our own issues and need to cooperate in the future for the sake of our mutual customers. We appreciate Zoom password-enabling these Zoom URLs starting November 19th, 2019. It is a good first step, but we need them to do more. We would like them to take additional steps to use our supported APIs and work with us to certify the solution so that we can secure our mutual customers effectively.

Call to action

If you are a customer using the Zoom Connector for Cisco, please review your administrative logs and analyze the usage to see if there was any breach as a result of the implementation described here.

At present, the Zoom Connector for Cisco is not a Cisco supported solution that meets our standards of enterprise-grade security. Our supported solutions meet the standards our customers expect out of Cisco by using our well documented open APIs.

Continue reading