Time Series Analysis with ARIMA: Part 1

PART 1: Introduction to Time Series

At Cisco, our partners and clients want ways to track and monitor their Cisco routers, switches, and other such devices. An important avenue of my work as part of the Customer Experience Data Incubation Team is to help track device utilization over time. One such way to think about how device utilization changes over time is to frame it as a time series. In this blog post, I will give a full break down of time series and ARIMA, why it is important, what it is, and how to use it – with a Cisco use case as well! This blog post will give a picture of some of the work the Data Incubation Team has done as part of the Customer Experience portfolio.

I. What is a Time Series?

So, what is a time series? It’s actually a very simple concept. A time series is simply a set of values of the same entity observed over time, typically in equally spaced intervals. It can be monthly, yearly, weekly, daily, hourly, and by the minute. A few of examples of a time series include weekly gas prices, yearly temperature change, hourly passenger count on the subway, and any stock market app you look at. Below is an example of a time series using Google’s Stock. I will use this example for the majority of the blog.

II. Why Do We Care About Time Series?

So why is understanding time series data important? If you want to predict something in the future or understand trends over time, you will want to use time series analysis. For example, maybe you want to track sales and predict sales in the future. Maybe you want to breakdown your sales over time to see if there is a trend or cycle associated with it. Any sort of data tracked over time can be used for time series analysis! Below is another example of time series, which tracks the hourly bicycle count.

III. Components of a Time Series

Now that you know what and why of time series, let’s break down its components. This will be important when we start talking about ARIMA in the next post.

Let’s say you have your observed values, D. These observed values, D, can actually be broken down into 2 main components: Systematic components and Random components. Systematic components are data that can be forecasted, while random components are data that cannot be forecasted. I will break down both the systematic components and random components in a series of definitions below.

◉ Systematic Components, S – Data that can be forecasted. Systematic components can be further broken down into 3 parts.

◉ Level, L – It is the intercept of the straight-line approximation of the current observed values D, like a regression line or line of best fit. Level is generally used as initial input to forecast models.

◉ Trend, T – It is the slope of the rate of growth or decline of your observed values, D. This slope or rate will decline, incline, or be constant throughout the time series.

◉ Seasonality, S or Cycles – They are the predictable seasonal or non-seasonal fluctuations in your observed values, D. In other words, your data has seasonality if the data has variations that occur in regular intervals (weekly, monthly, etc.) throughout a year. For example, Nintendo Switch console prices and games lower every 3 months, then come back up after a week. This is considered a seasonal component.

◉ Random Components, R – This might be anomalous behavior, irregularities in the data, and unexplained variation. These are all things that typically cannot be controlled, and they are inevitable in almost every dataset.

IV. Main Goals when Given Time Series

Now that you know what a time series is and the components, you may be wondering what you can do with it. When given a time series, you either want to decompose the components of your time series data or forecast and make predictions based on your data. Let’s talk about both techniques below.

◉ Decomposition: This is the breakdown of data into sub-components, including trend, seasonality, and randomness and can be done to look at important parts of the time series. Maybe sales on your services have a seasonal or cyclical component to them and you want to use that to improve sales at a certain part of the season. That is where decomposing a time series can be helpful. You can visualize and identify specific factors and trends in your data that impact its growth or decline. Below is a breakdown of the components of Google’s stock.

◉ Forecasting: Another goal of time series is forecasting the future. For example, you may want to predict when some hardware or device might crash in the future based on their historical data. This can help companies make proactive or preventative measures to fix the problem before it happens instead of reacting to the problem as it happens. As a result, this can save time and money for companies and clients. Below is an example of the forecast of Google stocks given its current seasonality, cycles, and trends.

V. Forecasting Rules of Thumb

Now that you understand some of the cool things you can do with time series, I will now go over rules that are critical to know if you want to do forecasts on your data.

Rule #1 – Always plot your data before, during, and after forecasting!

You always want to check how the data is distributed over time or how the model is forecasting by plotting the data. The process is quick and gives an idea on how to approach the problem or make adjustments to the model.

Rule #2 – You can only forecast the systematic components of the observed data – Level, Trend, Seasonality

You may not predict the future very well if you do not see any of those systematic components of trend, seasonality or cycles after decomposing your time series. There may be a promising project you work on that might have uneven and irregular data. For example, maybe the stock price swings if someone sends out an innocuous tweet. You can see the how that tweet impacted your time series by looking at the residuals or the random components. This type of swing may be something you will likely not be able to predict.

Rule #3 – The random components, R, cannot be predicted

As mentioned before, random components are sudden changes occurring in a time series which are unlikely to be repeated. They are components of a time series which cannot be explained by trends, seasonal or cyclic movements and they are usually not repeated. For example, during times of the coronavirus, stock prices were very volatile and while there was a general downward trend, much of the day-to-day activity was random. If your data only have random components, it will be harder for you to make an intelligent time series forecast.

VI. General Forecasting Techniques – Univariate Time Series

Now that you understand some important concepts for forecasting, I will outline two different forecasting techniques used as industry practice today, starting from simple regressions to smoothing.

◉ Regressions find a straight line that best fits the data. This is also known as static forecasting.

1. EX: Least Squares (using linear regression)

◉ Smoothing determines the value for an observation as a combination of surrounding observations. This is also known as adaptive forecasting. ARIMA utilizes smoothing methods. Smoothing has additional tools that a simple regression does not have and makes modeling more robust. Smoothing techniques are more commonly used today, but regressions are often useful to get a general idea of how your data is moving.

1. EX: moving average, exponential smoothing models, ARIMA models

Continue reading

Three Network Challenges IT Can Solve to Drive Business Continuity

Similar to what most of our customers are doing these days, the majority of my working hours are spent working from my home office. It’s not a new experience for me. At Cisco, we have always been good at using our own technology to run our business, so working from home is common for most Cisco employees.

My home office setup provides me with the same experience I’m used to in the office – same secure corporate Wi-Fi network run off a Cisco access point, a Cisco DX video end point for Cisco Webex meetings and nothing more.

This is exactly the need we are seeing at our customers, as they look to enable their remote workforce. A secure solution, deployed quickly and at scale.

Never in recent memory has IT around the world needed to address a crisis such as this in such a short time. Never in recent history has the network played such a crucial role in keeping businesses going when everything else stops.  IT and the network are now at the forefront, the only enabler for businesses to continue operating.

Business continuity is the name of the game, but what are the easiest ways to get that critical element of network connectivity up and running?

Let’s unpack the three main challenges that customers are struggling with today:

Enabling Remote Work(ers)

With a pandemic like this one, governments are attempting to slow down the spread of the virus by enforcing strict social distancing guidelines, which means businesses across all industries, geographies and sizes are closing their physical spaces. Employees are expected to work, but from their home or as a small team in a micro office.  And IT is being asked to provide the secure network connectivity.

There are several ways to do this – via a VPN connection, a virtual office router deployed at home and providing not only connectivity but also security, Wi-Fi, switching and more, or by setting up access points that bridge to the corporate network. Although Cisco has offerings to address all three options – I will discuss the latter two.

Many customers I speak to have old and un-used access points, usually sitting in a warehouse and collecting dust after being replaced by newer generation AP’s. IT can re-purpose these by centrally configuring them to be Office Extend Access Points (OEAP). IT can also temporarily pull, say, every third access point from the office ceiling and use those for home connectivity.

IT can then ship the access points to the employees home, who would connect them to their home network and voila!, within minutes are able to securely log onto the corporate Wi-Fi network, with no need to log-in through VPN every time.

Almost any Cisco Aironet or Catalyst access point can be used, going three generations back to 11n AP’s.

Customers can also leverage the Wireless LAN Controller’s free 60-90 days evaluation license to deploy any wireless LAN controller, virtual or physical, so investment is minimal.

Customers that are looking to manage their network with a central cloud management dashboard can deploy Cisco Meraki’s remote work offers that build on Meraki’s Security & SD-WAN, Teleworker Appliances (MX, Z) and Access Points (MR), which have the capability to securely extend a corporate network into the home. Meraki Insight (MI) gives IT admins a view into the performance of cloud-based applications (WebEx, O365, G-Suite, etc.) and Meraki Systems Manager (SM) keeps school/government/enterprise issued devices secure when those are off the network, and assists in the rapid deployment of security offerings (Duo, Umbrella, Clarity, etc.).

And finally, customers can also set up teleworker, and small branch offices using Cisco ISR 1K devices. For environments where there is no network already present, like in pop-up healthcare facilities, Cisco ISR1K routers offer advanced LTE/cellular options for expanded WAN coverage, backhaul over cellular, backup/fail-over connectivity and active-active configurations.

While this solution might require more time for planning and deployment, it offers the most robust capabilities, is SD-WAN ready and can serve the business future needs beyond the pandemic.

Keeping consumer businesses running

While in many industries work from the workplace is put on hold, there are some consumer- oriented businesses like retail, healthcare, and transportation – where operation is essential.

What can be done to provide shoppers with a safe experience when they go to shop for food? How can airports maintain the health of their travelers and staff? How can hospitals track location of critical devices?

Location based network analytics, enabled by Cisco DNA Spaces, can provide the right insights, and is available to customers for 90 days at no cost. Cisco DNA Spaces, which provides wireless customers with rich location-based services, including location analytics, engagement toolkits and enterprise integrations, enables businesses to use technology in order to solve this physical challenge.

For instance, by leveraging the existing Cisco wireless network at the retailer, IT can provide the security staff access to the Cisco DNA Spaces dashboard so they can monitor the real-time clustering of devices to enforce social distancing at the retailers physical space, by looking at heatmaps overlaid on the business’s floor plan. IT can also push notifications to devices where policy is being overridden.

Another use case focuses on guest engagement. Imagine you go to a pharmacy. You obviously want to spend the least time possible inside the store. Cisco DNA Spaces’ captive portal capability can enable you to check-in when arriving to the pharmacy’s parking lot, and when your turn comes, the business will notify you to come in and conduct your shopping. That way the business can have control over the amount of shoppers on location, reducing health risks.

Other use cases include leveraging Cisco’s partnerships with healthcare solutions providers such as Stanley Healthcare, where the need to track critical assets related to Covid-19 patients, such as respirators or even nurse panic buttons can be enabled by using Cisco DNA Spaces and Stanley Healthcare’s RFID tags.

Supporting temporary healthcare

As many of you have already seen, due to the risks associated with this virus, healthcare providers  are deploying temporary facilities such as screening zones, drive-through clinics, as we as full-fledged temporary hospitals, to address the influx of patients, while containing the risk of spread to other patients and staff.

These can be adjacent to the healthcare providers campus where an existing network can extend out, for instance setting up a screening tent in the parking lot of the hospital. Or it can be a mobile field hospital or screening location set up in a nearby location, school or stadium, where there is no available network.

The quickest way to address this challenge is to leverage the existing indoor wireless network, using external directional or omni antennas, to extend to the nearby facility.

Another way is by deploying a wireless mesh solution where one access point is connected to the wired network, and other access points connect to it over Wi-Fi. Almost any AP can operate in this mode and a combination of indoor and outdoor AP’s can be used.

Other options include Mobility Express access points, Meraki access points, point to point bridging or Cellular based wireless backhaul solutions.

The network IS the enabler for business continuity, and the role of IT is immensely important. Although IT companies might not be considered essential businesses per government taxonomy, IT is essential to maintaining business continuity. I’m sure your account team is ready for any ask or question you may have, and I encourage you to reach out for help, as we are all in this together, in solidarity.

Continue reading

Buyers Beware: Scamming Is Rife, Especially In a Time of Crisis

For years, scammers have been using a combination of Blackhat SEO techniques, phishing sites and newsworthy events to either trick individuals into giving up personal information including credit card numbers or to install malware or both. Preying on an individual’s fears has always been a go to tactic for scammers.

Recently a friend texted me and asked if I could take a look at a website his wife used to try and buy some 3M N95 face masks from. He was concerned that the site did not appear to be legitimate. “Sure”, I said, “What is the domain?” He sent it over. mygoodmask[.]com. Having spent the last decade looking at malware, spammers and scammers, I responded immediately, “Yes, it’s very bad. Tell her to cancel her credit card as soon as possible.”

I figured I’d take a closer look at the domain to confirm if I was right. Dropping the domain into Cisco Threat Response – our platform that accelerates investigations by automating and aggregating threat intelligence and data across your security infrastructure. Threat Response didn’t return anything useful aside from the IP Addresses it resolved to. Since the platform is configured for my test organization at the office, it’s not going to show me any hosts that may have visited that domain, but it is still a great source of intelligence. It showed that Cisco was aware of the domain, but there was no additional information – not surprising for newly created and used domains. There is more than one way to determine if a domain is suspicious.

Enriching the two IP addresses, 50[.]97.189.190 and 66[.]147.244.168, returned everything I needed to decide that the original site was malicious. Nearly two hundred domains resolving to those two addresses, none of which looked like ones I’d like to end up on.

At this point I was curious about the website itself and wanted to take a closer look. I submitted the domain to Threat Grid, Cisco’s malware analysis tool. It immediately redirected to greatmasks[.]com which resolved to 37[.]72.184.5. Using Glovebox, a capability in Threat Grid that allows full interaction with the virtual machine, I attempted to buy some masks from the website. I used an expired card number to purchase my masks. They are using PayPal to collect payments and validate card numbers.

The results produced from the analysis highlighted further details on the website, indicating a high level of suspicious activity.

Drilling down on the IP address that the new domain resolved to, we found another related domain, safetysmask[.]com. At this point it would be easy to create a new Casebook and add these observables to the investigation.

For me, one of the most telling signs of an unknown domain is the lookup frequency and activity mapped to the domain creation date and DNS changes. A scammer may register domains and park them until they’re ready to use them. At that point they’ll set up a website and point that domain to an IP.

Looking at the timeline and domain lookup activity in Cisco Umbrella, our DNS-layer SaaS solution, it’s clear that this website has been up for less than a month which is unusual, especially in context of this investigation.

Using a combination of our platform capability and our DNS-layer security, I was able to validate that this domain, IP Addresses, and related domains were malicious. With investigations of this nature, the domain or IP might not always have a known disposition at a certain point in time but often, by following the breadcrumb trail of related information, it’s easy to make a determination and judgement about the original domain. Another path to determining the disposition of these domains is to drill down into the observables in Umbrella.

Cisco Security products not only integrate via Threat Response, there are multiple direct integrations between products as well. These integrations are used to share threat intelligence produced by individual products and to share capabilities across products through API integrations, data visualization and cross product capabilities such as Casebook’s browser plugin.

Umbrella, our cloud-delivered DNS- layer of protection, integrates with Threat Grid, our malware analysis tool, and this allows Umbrella to show information produced through dynamic analysis, mapping domains and IP addresses to samples seen in Threat Grid’s global database, providing another method of determining disposition.

By the end of my digging, I had found hundreds of scams related to sports events, fashion accessories, flu season and more. All easily searchable within your organization via Threat Response and just as easily blocked via Umbrella.

What began as just a way to help a friend one evening, became a quick but comprehensive investigation into how bad actors are trying to capitalize on a global health crisis. Hopefully this was helpful in showing how easy it can be to validate the disposition of a domain using related observables, and in doing so, build out a collection of new content to be leveraged in your environment for detection and prevention.

Continue reading

Cisco Announces Intent to Acquire Fluidmesh Networks

As organizations continue to connect their infrastructures, wireless connectivity remains a critical piece of their strategy. To meet the growing demand for wireless connectivity in the most challenging environments, Cisco is announcing its intent to acquire Fluidmesh Networks, LLC, a privately-held, New York-based leader in wireless backhaul systems. Fluidmesh’s leading technology will compliment Cisco’s robust industrial wireless portfolio, providing reliable and resilient wireless solutions for mission critical applications.

Today’s wireless technology is allowing organizations to improve productivity and worker safety. Organizations such as Caterpillar offer wireless technologies for unmanned vehicles, and mining operations such as Boliden in Garpenberg, Sweden are using wireless technology to remotely operate 23 ton loaders in a small space. If communications fail, it could result in the unit stopping and halting production, ultimately requiring human intervention. On the other hand, a loss in communications with a high-speed train or subway is unacceptable. While most wireless solutions work well for slow moving objects (<30km/h), Fluidmesh’s leading technology is designed to provide zero loss of data transfer at speeds in excess of 300 Km/h.

Beyond high speed rail, numerous industries from manufacturing, oil & gas and mining, to shipping ports, are all looking at how they can use wireless connectivity to automate operations in an effort to reduce operational costs. Today, customers are using Fluidmesh’s reliable wireless technologies in a range of industries to improve productivity, safety, and the customer experience.

Cisco will use Fluidmesh’s products to extend its industrial wireless leadership position to on-the-move applications and where reliable backhaul is mission critical, including:

◉ Rail and transportation: Provide high-speed and reliable connectivity between the trains and the trackside eliminating potential gaps in data transfer, all without the need to stop even when traveling at high speeds.

◉ Mining operations: Improving worker safety with ultra-reliable communication systems for remote operations of mining equipment, eliminating the need to send workers into a potentially hazardous environment.

◉ Manufacturing and industrial automation: Increased productivity with autonomous moving robots operating on a resilient and low-latency wireless network.

With organizations digitizing and interconnecting their systems, the speed of business is constantly being redefined. Fluidmesh’s leading technology will allow us to address these new and emerging use cases with a solution set that is quick to deploy and provides low operational costs and maintenance. We are excited to bring this unique technology to our customers!

Continue reading

Top 5 features of a Network Traffic Analysis (NTA) tool- Why you need Stealthwatch now more than ever

According to research from Enterprise Strategy Group (ESG) and the Information Systems Security Association, 91% of cybersecurity professionals believe that most organizations are either extremely or somewhat vulnerable to a significant cyber-attack or data breach.1 CISOs have tried many different solutions. Many are increasing hiring in a field with a steep talent shortage, which may have some long-term returns but doesn’t solve the problems they are facing today. Some also purchase a patchwork of security solutions that aren’t really integrated – an approach that can cause major complications for security architects. These strategies are clearly not increasing confidence in their overall security effectiveness.

What are the primary reasons you believe cybersecurity analytics and operations are more difficult today than they were 2 years ago?

Research indicates that organizations can’t hire their way out of their cybersecurity woes. CISOs must improve security efficacy, streamline operations and bolster employee productivity, and they must rely on their existing workforce. That’s where Network Traffic Analysis (NTA) tools can provide a cybersecurity quick-win. An effective and modern NTA solution can continuously monitor the network and detect threats that might have bypassed the perimeter or even originated within the business. Top-tier NTA solutions take the weight off of the employees’ shoulders by giving them the tools they need to speed up threat detection and remediation. To help you evaluate an NTA solution effectively, let’s take a look at the top features identified by cybersecurity professionals as part of the research conducted by ESG:

1. Built-in analytics and threat intelligence services

44% of survey respondents said that built-in analytics to help analysts detect suspicious/malicious behavior is one of the most important features. Best-in-class NTA tools have different algorithms and signatures built-in to model behavior and crunch data, allowing for high-fidelity alerts that streamline workloads and accelerate incident response. The same percentage also said that threat intelligence services/integrations to enable comparisons between suspicious behavior and known threats is another top feature. These integrations allow NTA tools to “enrich” network telemetry, making alerts more thorough and actionable.

2. Ability to monitor IoT traffic/devices

Users also need the ability to monitor niche equipment that is unique to their industries. This is especially important in industries that have made aggressive investments in IoT like healthcare, manufacturing and transportation. IoT devices generate telemetry and increase the threat surface like any other connected device, and therefore need to feed into an NTA tool.

3. Ability to monitor all network nodes

37% of respondents stated that alerts for when new network nodes are connected are essential for an NTA tool. This means security professionals want NTA tools to issue alerts when unsanctioned devices connect. This is incredibly important for monitoring and mitigating cyber-risks.

4. Proven integrations with other security technologies

37% also said that one of the most important features is documented and tested integrations with other types of security technologies. These other technologies could be malware sandboxes, network segmentation enforcement technologies and much more. These integrations allow for a closed-loop process that includes network security development, monitoring and enforcement.

5. Public cloud visibility

More than a third of respondents said that the ability to monitor cloud traffic is an essential feature. In order to provide true end-to-end visibility, NTA tools need to be able to tap into VPCs, cloud monitoring logs and APIs across AWS, Azure, GCP, etc.

Cisco Stealthwatch

Stealthwatch aligns well with the most important NTA attributes cited by the surveyed cybersecurity professionals. For example, Stealthwatch:

◉ Features multiple types of built-in analytics. Its behavioral modeling and multi-layered machine learning algorithms can detect hidden threats- even those hiding in encrypted traffic.

◉ Provides comprehensive visibility. In addition to monitoring on-premises environments, Stealthwatch also offers agentless visibility into the public cloud. It can also detect when a new network node connects, monitor traffic from IoT devices and more. Nothing slips through the cracks with Stealthwatch.

◉ Backed by Cisco Talos threat intelligence. Threat intelligence is one of the most important features of an NTA tool. Stealthwatch ties its multi-layered analytics with global threat intelligence from Talos, the largest non-governmental threat intelligence organization in the world, and can take immediate action when activity is associated with a known threat, no matter the origin.

CISOs of the world can’t keep up with their security workloads, especially with a global cybersecurity talent shortage. They need quick wins– fast, efficient and accurate alerts that allow them to focus on what really matters. Cisco Stealthwatch is the tool they need right now.

Continue reading

Evolution to Cloud RAN Made Easy with Cisco’s Fronthaul Solution

5G is happening now. Across the globe, more than 60 service providers have already launched enhanced mobile broadband (eMBB) or Fixed Wireless Access (FWA) services, with plans to offer more advanced 5G services such as ultra-reliable low-latency communications (URLLC), or industrial IoT in the next 18 to 24 months. But the expansion to 5G has not been easy or without growing pains, as legacy 4G network infrastructures struggle to support so many different services.

They’re struggling because the vast majority 4G transport infrastructures were designed to support consumer services with stable north-south traffic patterns, optimized for best-effort mobile broadband, and no need or ability to support stringent SLAs. Very few adopted advanced 4G features that would support more complex services, such as Enhanced Inter-Cell Interference Coordination (eICIC), Coordinated Multi-Point (CoMP), Evolved Multimedia Broadcast Multicast Services (eMBMS), Multiple-Input Multiple-Output (MIMO), or precise timing.

The expansion to 5G has changed the game, as three groups of services emerge – eMBB, URLLC, and massive machine-type communications (mMTC) – all driving a new set of requirements over the transport network. To match the commercial-grade SLAs these new services will inevitably demand, mobile networks must increase availability, reliability, and security.

To meet the service demands of 5G, service providers need to rethink the economics of their end-to-end infrastructure and make decisions that go beyond the radio. At the top of this list is the RAN architecture, which accounts for nearly 80% of service provider’s Capital Expenditures (CapEx). RAN operating costs are no slouch either; it’s estimated they equate to 60 % of the Total Cost of Ownership (TCO).

New densification strategies are also required to improve the economics of backhaul networks, supporting the high frequency (3,5Ghz, 6Ghz, 24GHz, etc.) spectrum with up to 400Mhz ultra-high cell bandwidth, massive MIMO (64TRX, 32TRX Multi-Access Antennas) and the exponential increase in base stations required to support 4G LTE expansions and 5G services.

Open, software-defined, virtualized, and cloud scalable, the emerging Cloud-RAN or Centralized RAN (C-RAN) architectures, support these densification strategies. C-RAN disaggregates base stations by separating Radio Units (RUs) from Radio Equipment Controllers (REC) and centrally locates these REC functions in regional/distributed data centers.

The centralization of base stations drives the need for fronthaul transport to be able to carry the antenna samples using CPRI or standard-based/open protocols. However, CPRI line rates (currently limited to 24 Gbps) don’t efficiently scale to meet the growing needs of 5G and also require tight delay budgets that lead to limitations in the distance and transport technologies that can be used for aggregation. Another concern is related to MIMO scale adoption as CPRI requires a dedicated link for every antenna. This mechanism becomes problematic as service providers invest in MIMO technology to increase data rates for 4G and 5G radio.

With these new architectures, service provider RAN departments must have a stake in ensuring the network between the RU and the DU delivers the required performance. This was not the case in the past as the RU and the DU were tightly integrated at the cell site.

These attributes are essential to the transport infrastructure meeting performance expectations and assuring a smooth evolution to C-RAN while supporting legacy RAN requirements.

Converged end-to-end IP infrastructure

To improve economics, RAN transport networks need to be optimized to share connectivity for both wireline, wireless and business services. This can be done effectively by leveraging technologies such as Segment Routing to address the diverse 5G transport requirements – for example, different SLAs can be enforced thanks to network slicing capabilities powered by Segment Routing directly from the cell site up to metro and core networks.

As operators move to Cloud RAN, mobile network functions are virtualized and distributed closer to end-users for better service quality and lower latency. Cloud RAN locations, in turn, need to support the dynamic placement of VNFs and Service Edge, while providing telco class resiliency; this is driving service providers to roll out multiservice networking devices that support end-to-end network slicing.

Designed to Evolve

As 4G and 5G RAN specifications and standards evolve towards cloud-scale, open, and virtualized solutions, RAN transport must be extensible to meet current and future RAN functions and technical requirements. Turbo-charging RAN networking devices with Field-Programmable Gate Array (FPGA) will increase the flexibility to quickly adapt to evolving radio interface processing specifications for CPRI, eCPRI and RoE.

Automated

To curb OpEx costs and better manage operational life-cycle, RAN transport solutions need extensive and open automation capabilities that can integrate into existing management domains and end-to-end systems.  As densification can require on-site interventions, network operators need greater automation in deployment processes and tighter security requirements.

Packet-based 

Traditional fronthaul optical solutions have been static TDM solutions using dedicated optical resources to carry fronthaul traffic. By contrast, packet-based solutions leverage statistical multiplexing to share transmission capacity, using valuable fiber resources more efficiently. Packet-based solutions also support an enhanced CPRI (eCPRI) protocol that scales bandwidth 10x more effectively than 4G CPRI, meaning fewer transport resources are required.

Packet-based solutions support Point-to-Point and Ring topologies, offering easy bandwidth growth while providing the telco class resiliency demanded by mission-critical enterprise services. Fronthaul optical transport solutions are typically implemented using point to point topologies.

Open

Already, service providers have shown an unprecedented interest in open, virtualized RAN solutions that dovetail into their broader SDN architectures. As an early leader in the creation of the Open vRAN ecosystem, we’ve witnessed great progress, but there still is a long road ahead. Continuing to grow and mature the Open vRAN ecosystem will ensure new open RAN solutions find their way into service providers’ infrastructures.

Continue reading

How to Create a Dashboard for Webex Device Monitoring

Demand for remote work systems is growing

The rapid growth in demand for remote work systems has resulted in new challenges of monitoring and troubleshooting devices used for this purpose. Recently, Webex events (calls, messages, etc) have jumped from 39 billion to 270 billion per day.

All well known video services are under heavy load. Cisco’s advantage in unified communication solutions is also based on high-quality functional devices equipped with high-quality cameras, sound systems, and microphones as well. Many employees started working remotely. Someone uses laptops for video conferencing; many employees make use of advanced devices, such as Webex devices: Series DX, MX, SX; Room/Roomkit/Codec and Webex Board’s.

Below we will take a particular look at the necessary elements to create a dashboard to monitor and manage Webex devices.

By using one dashboard, Collab admins can manage and automate many remote devices

Automatic monitoring and use of dashboards eliminates the need for tracking certain parameters and transfers all the necessary information into one center.  This allows you to track and manage parameters.

What kind of useful cases can be implemented?

Using the dashboard as a remote control and automation system makes it possible to implement useful use cases such as:

◉ Track the number and quality of ongoing calls
◉ Monitor employees who joined an online meeting/standup
◉ Manage QoS parameters based on network capability needs
◉ User management (Admit, Mute, Disconnect)

What metrics and events can you collect and monitor:

◉ Call Disconnect
◉ Audio Settings
◉ Video Settings
◉ Network configuration
◉ Software update settings
◉ User interface interaction

Example dashboard you can create using the templates and functions described in this blog.

Create your dashboard using functions and templates

To track these and other parameters, we can use the jsxapi library written in JavaScript. Accordingly, we will consider examples of functions and codes which will also be written in JavaScript. Everything we will examine can be integrated into ready-to-use templates (Angular, React, Vue) for visualization and data management.

In many cases, we will use WebSockets to track parameters quickly. You must subscribe to this data to receive parameters.

We first import the appropriate packages into the code

const jsxapi = require ('jsxapi');

Initializing WebSockets connection

this.wsconnection = jsxapi.connect (this.ip, {username: this.login, password: this.password});

Looking ahead, you should also remember to create a function that will close WebSockets connection and disable feedback listening for all listeners of the group.

Here’s what it might look like

   closeConnection () {
     this.wsconnection.close ();
     this.feedbackGroup.off ();
     console.log ('Connection closed');
   }

Then, after creating necessary variables and functions, we will start them to collect and process information from devices

    this.wsconnection.on ('ready', () => {
      this.getCallHistory ();
// List of fuctions
    });

Through jsxapi, you can run xConfiguration, xCommand and xStatus commands, and you need different methods to use them.

xConfiguration (sample)

        this.wsconnection.Config.Audio.DefaultVolume.set(this.newVolume);
xCommand (sample)

        this.wsconnection.command("Time DateTime Get")
          .then((data) => {
            if (data.status === 'OK') {
              // process with data
            }
           });

xStatus (sample)

        this.wsconnection.status.get("Network 1 IPv4 Address")
          .then((history) => {
            this.ipv4 = history
          });

For online tracking of parameters, metrics, and different changes we need to register listeners.

Here’s a sample of listener that tracks changes of a device name

this.wsconnection.status.on('UserInterface/ContactInfo/Name', (newName) => {
        console.log('SystemUnit Name', newName);
        this.SystemName = newName;
      }),

Here’s a sample of listener that tracks changes of number of active calls

this.wsconnection.status.on('SystemUnit/State/NumberOfActiveCalls', (newNumberCalls) => {
        console.log('NumberOfActiveCalls', newNumberCalls);
        this.NumberOfActiveCalls = newNumberCalls;
      })

Bandle is used for mass subscription for various events

        this.feedbackGroup = this.wsconnection.feedback.group([
          // Register listeners for track changing
        ]);

Continue reading