Sunday, 16 February 2020

Do I really need additional email security when using Office 365?

Cisco Prep, Cisco Study Material, Cisco Tutorial and Material, Cisco Guides, Cisco Learning, Cisco Exam Prep

This is probably the most common question I get asked today!

What customers are really asking is “Can I rely on the built-in security capabilities in Office 365 or do I still need to run a 3rd party email security solution such as a Secure Email Gateway?” And the answer — well that depends; every customer’s environment is different.

Do I have to go to the Cloud?


But first, let’s get the most common misconception out of the way. While it is more efficient to run your email security gateway in the cloud, close to your Office 365 tenancy, there is actually no technical reason why you can’t continue using your current on-premise email security appliances to also protect Office 365, during the migration and even afterwards. After all, it is just a matter of MX record addressing and routing, or in other words ensuring you have all the connections between your on-premise email security gateway which would be responsible for receiving all incoming email and Office 365 which would be hosting your users inboxes set correctly. Sure, this isn’t the most efficient method as you are tromboning or hair-pining traffic up and down and most organizations would only run in this mode for the time frame of the migration. If you already own the solution and have staff trained to support and manage it, it makes sense to see what value it adds to Office 365 first before you consider migrating to a cloud email platform, don’t change too much at the same time, let the Office 365 migration settle in first.

How to Answer the Question – For Your Environment


What a customer needs to do, whether its related to the Cisco Email Security solution or any other 3rd party solution, is to consider all the areas of Office 365 where these 3rd party solutions can supplement the base capabilities of Office 365. Don’t just ‘tick-box compare’ features. Look at all features and understand how they work. Can the Office 365 features do everything I need today and what I might need it to do tomorrow? Consider how you can address any gaps and what it means for your organization.

One example of how 3rd party email security gateways can add value to Office 365 is to consider spam quarantine management. In Office 365 there are essentially two ways that a user can get access to and manage quarantined email that have been classified as false positives. The most common method is via the Junk folder in their Outlook client, it can be difficult to search but generally works well. The second method is a web-based end-user quarantine system. Confusing, but the main issue is that there are very few categories of spam in Office 365. Either an email is categorized as spam or its not and this causes an issue on providing end-user spam management. There are very few controls about what end-users have access to and what they do not. Ideally, you’d likely rather not want your end-users making decisions around whether to release potentially malicious or inappropriate/pornographic content, you have to ensure you are providing a safe working environment for all employees.

Clearly security is the most important area of capability where we can supplement the core capabilities in Office 365. We have had many customers decide to just rely on Office 365 for email security only to come back several months later. What we have seen as a very common theme across these customers is that the first impact they see is at the help-desk which was not expected. The issue is that they have changed out one of the core security technologies that the organization had probably been using for years and become accustomed to, the spam detection engine. Most of the leading email security providers do a pretty good job today, I couldn’t tell you the last time I had a spam message in my inbox. Suddenly the new spam detection engine is letting through some spam, users can’t remember what to do with spam, so they call the help-desk, all at once! Then after that initial rush, end-users start to notice some email possibly missing and now the help-desk are doing (learning in a hurry) message tracking looking for false positives.

A perfect example of a misstep many organizations make by doing a ‘tick-box’ comparison is that a feature like a spam detection engine can have significantly different capabilities depending on the vendor. Cisco Email Security has been innovating our email security solution for over 20 years. Our world class threat intelligence is supplied by the largest non-government threat research organization in the world, Talos.

There are many other areas in email security to consider; known malware recognition, unknown or suspect attachment handling, embedded URL handling, support for external threat intelligence and active content disarm and reconstruction. All these functions make meaningful differences in keeping the bad stuff out and your inboxes safe.

Also consider how easy your system is to manage. What reports have you come to rely on in your old systems, what are your managers expecting to see? Have you tested Office 365 to see what it’s like to do message tracking? Have you created email policies?

How confident are you in the capability of the policy engine? Are you even confident that you can recreate all your current email policy in Office 365? What policies will you need in the future? In our experience, in addition to reporting, this is the other area often not tested extensively enough in initial evaluations. With the growing amount of regulatory compliance regulations, having an advanced policy engine with plenty of policy conditions and actions coupled with significant flexibility is more likely to support your efforts. While the Cisco policy engine currently has 24 conditions and 26 actions within its content filtering policy engine, it’s what those options are that make the difference. For example, full control over adding/editing header information and the ability to reroute email based on policy are a couple of options that we see organizations using for a variety of business enablement projects. Our customers are getting real business value out of their email security solution, and the options themselves; another example of how dangerous it is to box tick!

Suggested Decision Process


So now that we have some understanding of what we should be looking at, what’s the best way to go about this analysis? Below are a series of steps to consider to help you make an informed decision:

1. Your current email policy: This is a great opportunity to assess all the policies and settings that you are relying on now. Are they all needed going forward? What have you seen or tested for yourself that is supported by Microsoft?

2. Email security capabilities: How these technologies work on your email flow is what is important. There are many ways of validating this by either running different solutions in a monitoring only mode or Bcc’ing/copying email to the solution under test for analysis and then deletion. Is Office 365 by itself blocking everything you need? If it is missing some email, is that critical for your organisation? What sort of impact could result in certain types of email getting through to end-users? (Missed spam, malicious attachments, inappropriate content, malicious URL’s, advanced phishing attacks etc?).

3. Advancing Phishing detection: Phishing has been a scourge for years because it is constantly evolving. The latest iteration, BEC or Business Email Compromise, has financially impacted many organisations large and small all around the world. BEC is difficult to detect, includes no attachments or embedded URL’s and is sent in low numbers and in a very targeted way. Has your company had issues? Do you know someone who has? What could the impact be for you? Does your current solution have any specialist support for BEC? Have you measured how much that is catching and are you sure that Office 365 would be able to detect and block these even using the advanced phishing capabilities in Microsoft’s ATP optional add-on? This in particular is a great area to potentially leverage a specialist solution such as Cisco’s Advanced Phishing Protection module which can work in any email environment.

4. Management: How easy is the solution to use? Can you track a message all the way through the scanning process? Can the search engine easily find and release quarantined email? Are you using end-user spam management now? Do you want to continue to use it? Will the capability offered in Office 365 meet your HR driven employee policies and requirements?

5. Reporting: Do you have any automatic scheduled reports being sent within your organization; perhaps to senior management? Can these be replicated within just Office 365? What reporting, or compliance auditing requirements can you see being required in the short term? Are these reports supported?

6. External Domain Protection: Becoming a more common inclusion for corporate messaging teams, organizations are using DMARC and related standards to monitor which organizations are sending email using your domain. Is your brand being negatively affected by being used in phishing attacks? While Office 365 does not offer any capability here, this is another area that can be addressed or supplemented using standalone products or solutions such as Cisco Domain Protection.

Licensing & Recommendations


For the majority of our customers, the ideal combination is Office 365 E3 with Cisco Cloud Email Security. This combination includes all the core Office 365 products supplemented with an enterprise class email security solution. The ATP features for Safe Links and Safe Attachments are easily met and exceeded in Cisco’s Cloud Email Security, this is the combination that Cisco itself runs.

Moving up to the E5 licensing tier is a difficult decision, you need to look at all the inclusions you get, which are substantial and determine what value your organisation would get out of these. From an email security & management viewpoint everything is pretty much covered with the combination recommended above except for the advanced email archiving capability if you need that over the basic option in E3.

There are also of course all the collaboration/telephony services which Cisco has great solutions for as well!

Options for Proving the Value


So how can you prove the decision you are making is the right one, or at least if you have already deployed Office 365 by itself, test to see how it is performing from a security viewpoint at least?

Cisco has an analysis tool called “Threat Analyzer for Office 365” and it works by accessing a selection on your user’s inboxes (you define which ones) via the Microsoft Graph API built into Office 365. Threat Analyzer scans these inboxes using the same email security engines that we have in our commercial offerings, looking for any email that we would have detected as Spam, Gray-mail, Malicious Email (with attachment or embedded URL) or inappropriate spam. Threat Analyzer does not do anything to this email or the inbox, it just records what the Cisco email security engines would have detected and then produces a report showing these results. From this report you can get an idea of the extra value you would get from running Cisco email security together with Office 365. However, it needs to be remembered that not all the security engines can be used (Connection filtering for example) with a configuration such as this, so your final experience would be even better than the report would suggest.

There are also other options, the recommended option would be to have Cisco email security running in front of Office 365 so it is the internet facing email server for your email domains, this way 100% of the Cisco security capability can be brought to bear. You can test this by using the default policy which would detect/block & quarantine within Cisco email security, or you simply tag email for it to be then processed by Office 365 and see the combined results. We have also seen other organizations creating a BCC rule within Office 365 to copy all email that is to be delivered to end-users also copied to Cisco email security to see what would have been blocked as well, although this also limits the security engines that can be used as it is also not internet facing, the same limitation that Threat Analyzer for Office 365 has.

Saturday, 15 February 2020

Corporate Knights and CDP Announce Global Sustainability Leaders

Cisco Tutorial and Material, Cisco Prep, Cisco Certifications, Cisco Exam Prep

Earlier this week, both CDP and Corporate Knights announced the results of their 2020 assessment of thousands of global companies in the areas of climate change (CDP) and the broader topic of sustainability (Corporate Knights). At the 2020 World Economic Forum (WEF) in Davos Switzerland Corporate Knights released their 2020 Global 100 ranking. This same week CDP (formerly Carbon Disclosure Project) announced its 2019 A-List companies.

CDP A-List


Cisco’s most material environmental sustainability issue is energy and greenhouse gas emissions. As such, we’ve invested in energy efficiency and low-carbon electricity to reduce our greenhouse gas (GHG) emissions. We use CDP’s annual carbon questionnaire as a litmus test to gauge the effectiveness of our strategy, initiatives, and performance.

For 2019, Cisco again made CDP’s “A-List,” along with 179 other global companies out of more than 8,400 that reported climate change related carbon data. Cisco has reported to CDP every year of its existence, receiving more awards from CDP for our climate change submissions than any other North American company. We’ve included a table in our 2019 CSR Report (p. 33) summarizing our results.

Growth in companies disclosing to CDP since 2003

Cisco Tutorial and Material, Cisco Prep, Cisco Certifications, Cisco Exam Prep

To drive emissions reduction, we’ve established a series of energy- and GHG-related goals that address various aspects of our business:

◉ 2019, was the second year of our third, 5-year Scope 1 and 2 GHG emissions reduction goal, reducing our worldwide GHG emissions from operations by 60 percent absolute by FY22 (FY07 baseline).

◉ We continue to invest in low-carbon electricity with a goal of 85 percent renewables by FY22. In FY19 83% of our electricity use was from renewable sources. It is a significant challenge for us to get this percentage much higher because renewables aren’t yet available everywhere in the world that Cisco has owned or leased operations. Since FY16, 100 percent of our electricity use in the United States has been from renewable sources.

◉ 2019 was the second year of our 5-year product-efficiency goal to improve large rack-mounted-equipment system power efficiency—as measured from the input power from the facility to the board-mounted ASICs, memory, and other chip devices—from 77 to 87 percent by FY22 (FY16 baseline). In FY19, our average system power efficiency for large rack-mounted-equipment was 85 percent (Table 17 of our 2019 CSR Report).

◉ In 2019 we announced a new goal to reduce Cisco-related supply chain GHG emissions by 30 percent absolute by FY30 (FY19 base year).

Corporate Knights Global 100


Corporate Knights gathers environment, employee, innovation, supply chain, and financial data for their ranking. This year, Cisco was ranked #4 by Corporate Knights, the fourth year in a row Cisco has ranked in the Top 15 out of about 7,500 companies evaluated by Corporate Knights.

The Global 100 methodology now puts a greater emphasis on a “clean revenue” metric. Based on feedback from Corporate Knights, Cisco improved how we classified our revenue from all product, software and service offerings.

In the Communications Equipment industry classification, the “clean revenue” metric counts for 50 percent of the overall score, reflecting the environmental benefit companies can contribute through the products and services they sell. Our products and solutions can help our customers be more sustainable and reduce operations expenses through building energy management, remote collaboration to reduce business travel, teleworking to reduce employee commuting (and increase office consolidation), data center equipment that enables energy-efficient cloud services, and IoT and low-power network technologies for improved asset tracking and management.

About rankings and ratings


Cisco relies on the following rankings/ratings to measure our progress on sustainability:

1. S&P Global Dow Jones Sustainability Indices (World and North America), formerly RobecoSAM0

2. CDP Climate

3. Corporate Knights Global 100

4. Barron’s Most Sustainable U.S. Companies

5. WSJ Management Top 250

6. FTSE4Good

These rankings are a valuable resource to confirm our strengths and identify areas for improvement in performance and transparent report

Friday, 14 February 2020

Where is the edge in edge computing?

Cisco Tutorial and Material, Cisco Learning, Cisco Exam Prep, Cisco Prep

Edge computing has become the IT industry’s hot “new” term. Media outlets, vendors (including Cisco!), and analysts alike are all touting the value of edge computing, particularly for Internet of Things (IoT) implementations. While most agree that there are benefits to processing compute functions “at the edge,” coming to an agreement on what exactly constitutes the edge is another thing altogether.

In 2015, Dr. Karim Arabi, vice president, engineering at Qualcomm Inc., defined edge computing as, “All computing outside cloud happening at the edge of the network.”

Dr. Arabi’s definition is commonly agreed upon. However, at Cisco — the leader in networking — we see the edge a little differently. Our viewpoint is that the edge is anywhere that data is processed before it crosses the Wide Area Network (WAN). Before you start shaking your head in protest, hear me out.

The benefits of edge computing


The argument for edge computing goes something like this: By handling the heavy compute processes at the edge rather than the cloud, you reduce latency and can analyze and act on time-sensitive data in real-time — or very close to it. This one benefit — reduced latency — is huge.

Reducing latency opens up a host of new IoT use cases, most notably autonomous vehicles. If an autonomous vehicle needs to break to avoid hitting a pedestrian, the data must be processed at the edge. By the time the data gets to the cloud and instructions are sent back to the car, the pedestrian could be dead.

The other often cited benefit of edge computing is the bandwidth or cost required to send data to the cloud. To be clear, there’s plenty of bandwidth available to send data to the cloud. Bandwidth is not the issue. The issue is the cost of that bandwidth. Those costs are accrued when you hit the WAN — it doesn’t matter where the data is going. In a typical network the LAN is a very cheap and reliable link, whereas the WAN is significantly more expensive. Once it hits the WAN, you’re accruing higher costs and latency.

Defining WHERE edge computing is


If we can agree that reduced latency and reduced cost are key characteristics of edge computing, then sending data over the WAN — even if it’s to a private data center in your headquarters — is NOT edge computing. To put it another way, edge computing means that data is processed before it crosses any WAN, and therefore is NOT processed in a traditional data center, whether it be a private or public cloud data center.

The following picture illustrates the typical devices in an Industrial IoT solution and who claims to have “Edge Compute” in this topology:

Cisco Tutorial and Material, Cisco Learning, Cisco Exam Prep, Cisco Prep

As you can see, the edge is relative. The service provider’s edge is not the customer’s edge. But the most important difference between the edge compute locations depicted is the network connectivity. End devices, IoT appliances, and routers are connected via the LAN — maybe Wi-Fi or Gigabit Ethernet cable. That is usually a very reliable and cheap link. The link between the routers/gateways and cell tower, is the most critical. That’s the last mile from the service provider. It introduces the most latency and is the most expensive for the end customer. It is the 5G or 4G uplink. Once you’re on the cell tower, the provider has fiber and you’re safe from a throughput perspective, but then you’re looking at increasing costs.

As you can also infer from the graphic, end devices should be excluded from edge compute because it can be near impossible to draw the line between things, smart things and edge compute things.

What’s old is new


We can take the concept of edge computing a step further and assert that it’s not new at all. In fact, we as an IT industry have been doing edge computing for quite some time. Remember how we learned about the cyclic behavior of compute centralization and compute decentralization? Edge compute is basically the latest term for decentralized compute.

The edge can mean very different things to different organizations, depending on the network infrastructure and use case. However, if you think about the edge in terms of the benefits you want to achieve, then it becomes clear very quickly where the edge of your IT environment begins and ends.

Thursday, 13 February 2020

Partner Services Opportunities in Enterprise Networking

Cisco Prep, Cisco Tutorial and Materials, Cisco Guides, Cisco Certifications, Cisco Learning

Customer success and technology lifecycle are top of mind topics for our partner community. How we engage with our customers and support them through their customer experience journey are as important as ever. With increasingly complex technology choices across so many different architectures, it’s not always easy to understand what types of services are the most suitable for each specific customer.

Many Cisco partners have developed practices based on their key priorities, customer base and market singularities. Specifically, in the area of Enterprise Networking, partners can capture various opportunities to expand their services practice.

Cisco services help partners enter new markets and grow their business. There are different reasons why you might consider leveraging some of them, for example:

◉ Developing a new practice for a new technology or architecture.

◉ Addressing a specific customer request outside of your area of specialization.

◉ Covering for experienced engineering resources unavailability.

Cisco DNA Center is the network management and command center for Cisco DNA, your intent-based network for the enterprise. Deploying it, can provide many service opportunities. For example, configuring it for the first time.

To get started, ask yourself a few questions to determine which services are best suited for your needs.

The first question is whether or not you have successfully deployed Cisco DNA Center in the past? If the answer is yes, then the next question is to check if you have experienced engineering resources available to address your customer’s expectations? If the answer is also yes, you can deploy Cisco DNA Center using your own resources and you can rely on our existing Support Services for any escalations.

However, if the answer to either of those questions is no, then you have to ask yourself if you want to build your own Cisco DNA Center practice. If you do, then you should consider leveraging Cisco’s Mentored Installed Networking Training (MINT) program, which provides an expert on-site all along the way deploying the solution together and learning at the same time so that you can start building your own expertise and eventually have a Cisco DNA Center practice.

On the other hand, if it is not your intention to build this practice, because your area of expertise, market opportunity or business model doesn’t require it; or simply because you do not have the engineering resources available when you need them, you should consider our Enterprise Networking Quick Start Services. These services provide a quick fix to accelerate deployment and adoption of Cisco DNA Center with a predefined scope and prescriptive design that provides the fastest way to test the value of Cisco DNA Center. You do not have to worry about deploying the solution. You procure the services from us and we do it for you.

Cisco Prep, Cisco Tutorial and Materials, Cisco Guides, Cisco Certifications, Cisco Learning

In addition to these two examples, we also have Ask-The-Expert (ATX) and Accelerators (ACC) which are designed to help you accelerate your implementation of new technology through targeted sessions with Cisco experts, either through one-on-one remote coaching or one-to-many interactive webinars.

If you would like to find out more about all these services options, please check out our Partner Success Sales Webinar for CX Enterprise Networking, where you can find a deeper overview on each of them.

The most important thing is for our partners to be able to provide the best possible experience to customers, while also growing their own services business market share. We all know it can be difficult sometimes to know when and where to leverage all the resources available, but make no mistake, we are all on this journey together and we want you to succeed.

Wednesday, 12 February 2020

Why multicloud means it’s time to invest in network transformation

Cisco Prep, Cisco Tutorial and Material, Cisco Guides, Cisco Learning, Cisco Certification

In the age of multicloud, network transformation is on many CxOs’ minds. Public clouds, private clouds, SaaS providers—they’re coming together to help enterprise organizations accomplish amazing things.

They’re also placing game-changing demands on existing networks.

Legacy infrastructure lacks the modern technologies required to support the demands of multiple links to cloud providers, increased traffic, distributed data, complicated security and compliance needs, and other necessities for effective multicloud IT.

Network transformation isn’t just needed: it’s inevitable. But the capital outlay required for a network overhaul causes many organizations to think it’s impossible. Instead, they incrementally add infrastructure—resulting in increased complexity across controls, rules and operations.

However, based on our experience with enterprise clients and our own internal network delivery, we find that continuing to operate on outdated technologies actually costs organizations more in the long term than it would to dramatically reinvent their network infrastructure.

The longer you wait, the less you gain


Delaying inevitable projects, such as the provisioning of secure, high-speed direct cloud access to a business-critical application, means your business waits longer to realize the value of the initiative, and that value shrinks in the interim.

On large-scale transformation projects, we’ve seen the business impact of a six-month infrastructure modernization delay cost organizations between $5 and $7 million per year. This doesn’t take into account impact to revenue and risk.

Caring for aging infrastructure is costly


The term technical debt refers to the hidden cost of choosing less-costly solutions to IT problems, such as stop-gap measures to keep operating infrastructure that’s past its time.

As your organization continues to use a legacy network, it becomes increasingly more complex and difficult to manage, particularly as it grows with multicloud requirements. You exert more time and money to stay in fighting shape—and end up spending more in the long run than you would on a wholesale evolution.

For example, piecemeal implementation of Wi-Fi in the campus results in the continued need for existing fixed and wired ports, plus cabling, maintenance and project costs to keep it up to date, as well as the costs of adding wireless—increasing costs, complexity and impacting the end-user experience.

We’ve seen organizations reduce their infrastructure by over 20 percent as a result of switching to new architectures.

It all comes down to this: The longer you wait to transform your network, the more you spend in the long run.

Why further investment in piecemeal infrastructure fails


Money invested in piecemeal infrastructure rarely delivers discernable benefits. The example of adding wireless is a perfect illustration of why.

Addressing technical debt with multiyear piecemeal upgrades can’t enable the new capabilities of automated, software-defined networks—because the network constantly remains in an incomplete state. In some cases, we even see the technical debt continue to increase, as the level of investment being made can’t keep up with technology reaching end of life.

You don’t have to build your network transformation business case alone


We’re dedicated to helping our customers overcome the financial challenges of network transformation—and ensuring they can move on from costly legacy architectures.

To do so, we’ve collaborated with our enterprise customers to develop a framework called Cisco Performance IT.

It’s designed to help you accurately assess the financial realities of network transformation and identify a highly cost-effective path forward.

After going through the process, many of our customers find that their network transformation can actually pay for itself over a five-year period.

We’re ready to help you build a transformation and economic road map.

Read more: Cisco Performance IT makes multicloud possible for your digital transformation

Tuesday, 11 February 2020

What’s New in Security and Compliance for Webex

Three New Security Features in Control Hub


Security and compliance are top of mind for large customers when deploying collaboration solutions. In today’s modern and digital workplaces, collaboration spans organizational and functional boundaries and employees inevitably share sensitive data and intellectual property. Hence, building and maintaining trust with IT administrators and security professionals to keep user data safe within their organization or even when collaborating externally is a key focus area for Cisco Webex.

While Cisco Webex offers frictionless end-user experiences through modern collaboration, our 360 approach to security provides unmatched control, privacy, and compliance to meet the requirements of IT and security teams.

At Cisco Webex, we continuously listen to our customers’ critical security and compliance concerns and work hard to rapidly deliver new security controls to provide peace of mind to them. In September 2019, we announced a new Collaboration Flex plan add-on offer – the Cisco Webex Control Hub Extended Security Pack (ESP) – a Cisco-on-Cisco best of breed and easy-to-deploy package that strengthens data security and compliance and ensures seamless collaboration for businesses.

Now, we are introducing three new security features that can be configured and customized by administrators via Control Hub to meet your organization’s specific requirements.

1. Anti-Malware Protection: Protect users from Trojans, viruses, and ransomware – even when files are shared by external users by directly enabling Anti-Malware Scan from Control Hub. An Extended Security Pack subscription is required.

2. Block External Communication: Empower administrators to whitelist approved domains via Control Hub to allow communication with users from authorized domains or organizations.

3. Bot Management: Empowers administrators to control and contain the proliferation of bots within an organization with global access policies and local whitelist overwrites directly from Control Hub.

Anti-Malware Protection


The Extended Security Pack already includes the full set of functionalities from Cisco Cloudlock® for data loss prevention (DLP) by providing full visibility and control over sensitive data stored in Webex Teams.

We are thrilled to announce the general availability of Anti-Malware Protection capability in Webex Teams, included in the Extended Security Pack. The native, high-performance anti-malware engine, powered by Cisco Talos ClamAV in Webex Cloud, scans and remediates all files in spaces, even if they are uploaded by external users. End users will not be able to download infected files on both corporate-managed and personally-managed devices, as shown in figure 1. In addition, administrators have the option to enable or disable anti-malware scanning and access scan history report in the Control Hub, as shown in figure 2.

Cisco Collaboration, Cisco Prep, Cisco Tutorial and Material, Cisco Guides, Cisco Certifications, Cisco Security
Figure 1. Blocking an infected file

Cisco Collaboration, Cisco Prep, Cisco Tutorial and Material, Cisco Guides, Cisco Certifications, Cisco Security
Figure 2. Administrator control for Anti-Malware Scan

Block External Communication


In today’s workplace, collaboration transcends organizational boundaries. For instance, your organization has embarked on a new initiative such as a joint product offer with a partner. Such an effort typically involves multiple personnel, discussions, and approvals. With a closed platform, your options are limited when it comes to managing communications with a network of partners with whom information exchange is extremely asymmetric. Sending out long emails or waiting for weekly recurring calls to clarify key items can be expensive and frustrating. Not anymore, thanks to Webex Teams!

We understand your needs when it comes to external collaboration and has been working hard to enhance the Block External Communication feature. You can extend your communication footprint with users outside your organization without compromising security and compliance. Unlike other communication platforms and tools that introduce administrative overhead and end-user friction, we deliver on the vision that external collaboration should be an intuitive and seamless experience.

What Does This Mean For IT Administrators


With this new enhancement to Block External Communication, administrators can now create a Whitelist of approved domains via Control Hub (See Figure 1, preventing unauthorized communication with users from other domains/organizations. Block External Communication works by restricting Webex Teams space membership to users who belong to domains that are part of the administrator-approved Whitelist only. The policy is enforced in a forward-looking manner after it is enabled in your organization’s Control Hub setting. Retrospective scanning of existing spaces for membership violations is not performed. Administrators can be assured that users from their organization are collaborating only with external users who belong to trusted domains.

Customers in regulated verticals such as finance and healthcare trust Webex Teams to protect their valuable data and provide a secure platform. This is yet another step in the direction of our promise to deliver the most open yet secure platform. The new Block External Communication feature is currently in early field trials. Stay tuned for more updates as we target General Availability of this feature.

Cisco Collaboration, Cisco Prep, Cisco Tutorial and Material, Cisco Guides, Cisco Certifications, Cisco Security
Figure 1: Control Hub configuration for creation of a domain Whitelist

Bot Management


Webex Teams is an open platform. A platform that your and external developers can customize and integrate into your business processes with the goal of enhanced interoperability with external data systems and enhanced productivity to your users. In fact, Webex Teams sports a slew of bots and applications developed by freelance developers – to market-leading ISV’s – curated and hosted on apphub.webex.com. You can find commercial integrations like a Salesforce bot, to crowd-pleasers like the Noora spa finder bot. And if you have a new solution in mind you can execute your creative juices by heading over to developer.webex.com and use the published well documented and fresh REST API’s as your entry point to your developer fame. Remember every Webex Teams login is also the entry key to the developer program – automatically.

Managing Bots From an IT Perspective

On to managing these bots from an IT perspective: We saw and heard the need to control the proliferation of these apps (bots and integrations), while we wanted to maintain the spirit of the open platform. The result is our new Bot Management capability. Similar to integrations management, Control Hub admins will find a new tab in the admin console which allows them to limit access to bots by their users. Customers without access to Pro Pack can still globally blacklist all bots, which will prevent the addition of bots to spaces going forward (See Figure 1). Pro Pack subscribers, in addition, can whitelist individual bots that your IT and Infosec departments deem safe and useful (See Figure 2). Bots in the allowed list can be added by anyone from your organization to space or invoked in direct conversations. Disallowed bots will result in an error message when trying to talk to them or adding them to a group space. This new feature is not retroactive and only works at the membership level, i.e., bots that were previously added to spaces will continue to work. The new bot management is currently in early field trials and expected to be generally available soon.

Cisco Collaboration, Cisco Prep, Cisco Tutorial and Material, Cisco Guides, Cisco Certifications, Cisco Security
Figure 1. Globally Bot Management

Cisco Collaboration, Cisco Prep, Cisco Tutorial and Material, Cisco Guides, Cisco Certifications, Cisco Security
Figure 2: Individually whitelisted bots

This feature is currently in early field trials. Stay tuned for more updates as we target General Availability of this feature.

Sunday, 9 February 2020

Cisco Performance IT makes multicloud possible for your digital transformation

Cisco Study Materials, Cisco Guides, Cisco Tutorial and Material, Cisco Learning, Cisco Prep

Modern enterprise organizations rely on a diverse and flexible cloud approach, incorporating both public and private solutions, to accomplish their mission.

In fact, 40% of enterprise CxOs say they’re embracing a cloud-first strategy. Doing so, they realize benefits like enhanced agility, efficiency, and scalability.

However, the combination of increased traffic from SaaS providers, on-premises applications, and public clouds like AWS or Microsoft Azure is placing a tremendous strain on enterprise networks in terms of operations, security, performance, and cost.

And oftentimes, it’s creating a negative impact on the business, as the user experience is frequently impacted when a multicloud strategy is supported by legacy networks.

Introducing Cisco Performance IT


To address multicloud challenges, we started working with customers to build a model for network transformation. Our goal was to make it financially feasible to deliver networks that provide high performance and superior user experiences. All while being operated more efficiently, and at lower costs. We call this model Cisco Performance IT.

It’s a framework that helps clearly illuminate the benefits of evolving networks to match multicloud realities. Ultimately, it shows you how transforming your network represents significant financial and operational benefits.

Cisco Performance IT helps you chart a long-term course for your network and your business—and shows how the right investments can pay for themselves.

Why transformation is critical


Many enterprise networks are built on legacy technology that’s not ready for the demands of multicloud. Today’s world is dynamic, and infrastructure built on manual processes and static configurations can’t keep up.

Take a look at these network challenges created by the multicloud shift, based on our real-world projects:

◉ Connecting to SaaS provider isn’t as simple as it seems. West Coast SaaS traffic routed to a U.S. East Coast legacy data center where security is hosted—creating a massive performance bottleneck that slows application performance and impacts the user experience.

◉ Dedicated circuits slowing deployment. Access to public/private connectivity requires dedicated circuits for connection to the cloud provider. This often results in provisioning times exceeding 60 days, delaying the ability to deploy new revenue services for the business.

◉ High costs. Increasing demand for access to SaaS solutions requires dedicated links that come with expensive, multi-year commitments. Our enterprise customers are seeing circuit costs increase year-over-year as a result of SaaS connectivity growth.

◉ Overwhelming complexity. When every new cloud provider requires manual configurations of rules and policies, the operational workload skyrockets. Combined with flat or declining operational budgets, this creates delays as workloads increase.

Overcome the budget challenges of network transformation


Given the issues caused by aging networks supporting multicloud strategies, it’s obvious that significant network overhauls are necessary. But transforming networks in the traditional way is manual, costly, time-consuming, and difficult.

The capital outlay required for network transformation is a barrier for many organizations. They see the need, and even know the technologies they would require to make everything work—but they can’t build the financial case to justify it.

However, early adopters of the Cisco Performance IT approach are seeing incredible results: such as self-funded network transformation, the ability to deliver new services in much shorter timeframes, and sustainably reduced operational costs with simplified and comprehensive security.

While navigating transformation in the multicloud era is difficult, Cisco Performance IT can help you find the most cost-effective and savvy path forward.