Tuesday, 17 November 2020

Cisco and DHL Partner to Develop a Blockchain Solution

Cisco Tutorial and Material, Cisco Guides, Cisco Learning, Cisco Prep, Cisco Career

Cisco’s services supply chain provides advanced hardware replacement to customers in over 120 countries and is a key service delivery component in support of Cisco’s service business.

Although Cisco owns the inventory and processes for this massive supply chain, Cisco does not own or operate a single warehouse or truck.  The entire supply chain is managed by a worldwide network of third party logistics providers, freight forwarders, and customs brokers who work in partnership with Cisco to deliver world-class support to Cisco Service’s end customers.

The service delivery and margins for this supply chain match up well against the industry.  However, the Cisco team, working together with their supply chain partners, is always looking to improve the end customer experience while also reducing costs.  One key focus area for achieving this is through improved systems integration with supply chain partners to improve the quality and timeliness of service shipment data for customer service events.

Cisco and its partner DHL worked closely together to develop a blockchain based gateway for integrating the two companies’ systems for service event dispatch and track and trace.  The architecture this team developed includes different blockchain platforms (Hyperledger Fabric and DHL BLESS) running on different cloud service providers as well as using a Splunk instance with the Splunk App for Hyperledger Fabric for visibility and monitoring.  The solution was also hosted jointly between AWS and Azure.

Cisco Tutorial and Material, Cisco Guides, Cisco Learning, Cisco Prep, Cisco Career
Screenshot of blockchain gateway and its scalability to multiple supply chain partners

The combined Cisco and DHL team proved out the ability to leverage blockchain for large systems integration solution that can scale to multiple platforms and dozens of partners, all hosted on a shared blockchain for real connectivity.

This has the following benefits:

◉ Improved time to onboard partners compared to current B2B solution.

◉ Ability to make a single evolution of consortium and replicate across all partners in supply chain at once (change once vs change many).

◉ Potential to reduce current run rate of B2B data errors and exceptions.

◉ Evolve current architecture to future standards.

◉ Enhanced reporting capabilities.

◉ Cost reduction compared to current B2B infrastructure & support.

◉ Expanded data to improve the customer service experience.

◉ Future platform on which to build value added services.

Although there is more work to do for the supply chain industry as a whole to set standards and develop blockchain based solutions, this partnership between Cisco and DHL demonstrated both the viability of the technology as well as the potential to further improve supply chain efficiency while also improving customer experience.

This partnership has been an excellent example of how strategic partners can drive innovation together.

Saturday, 14 November 2020

Under Analytics

Cisco Prep, Cisco Tutorial and Material, Cisco Certifications, Cisco Guides, Cisco Career

Back when network management was booming in the early 90’s, the whole idea seemed straightforward. System administrators would speak of endpoints on the network as being “under management” or conversely “unmanaged.” There seemed to be a place for everything and looking back now at those times, enterprises seemed so simple compared to today. Maybe simple is not the right term, maybe they just seemed more orderly compared to the modern network landscape.

At some point, hackers showed up and names like “under management” or “unmanaged network elements” made little difference to them. I remember security folks in the early days joking that SNMP (Simple Network Management Protocol) stood for “Security Not My Problem.” An insecure network meant that you had an insecure business! The experienced security architect knows that whether the system is under management, under someone else’s management, or completely unmanaged, if that system is part of the business, it is still their job to secure it. To put it another way, while management of systems can span certain, more specific information systems, security must always be as wide as the business.

I would like to suggest a new term and concept for our vocabulary and that is “under analytics.” I like to think of this as a conceptual means to discuss if areas of your digital business have enough visibility for continuous monitoring of its integrity. Why not just call it “under management?” Well, because more and more these days, you are NOT the one managing that area of the network. It might be the cloud service provider managing it, but it is still your problem if something gets hacked. You could even then speak of observable domains as having certain requirements that satisfy the type of analytics you would like to perform.

There are many types of observational domains to consider so let’s talk about some here. Back in the day, there was just your enterprise network. Then when folks connected to the internet, the concepts of internal and external and even the DMZ networks were referenced as observable network domains. These days, you have to deal with public cloud workloads, Kubernetes clusters, mobile devices, etc. Let’s just say that you can speak of having any amount of observable domains for which you require telemetry that will get you the visibility required to detect the most advanced threat actors in those domains.

For each of these observable domains, there will need to be telemetry. Telemetry is the data that represents changes in that domain that feeds your behavioral analytics outcomes. You could make a list of the competency questions you would want to answer from these analytical outcomes.

◉ Are there any behaviors that suggest my systems have been compromised?

◉ Are there any behaviors that suggest some credential has been compromised?

◉ Are there any behaviors to suggest there is a threat actor performing recognizance?

Cisco Prep, Cisco Tutorial and Material, Cisco Certifications, Cisco Guides, Cisco Career
My suggestion is that you begin with these questions and then hold security analytics to them to see if they are competent to answer them daily, weekly, monthly, etc.

From there, you can go one step further and start to consider and look into scenarios like the following:

◉ We have a new partner network, is it “under analytics?”

◉ We have a new SaaS service, is it “under analytics?”

◉ This company has a new cloud deployment, do we know if it is “under analytics?”

◉ What part of our digital busines is not “under analytics?”

How well do you know your digital business behavior when it is 100% without compromise? How would you even go about answering this? The truth is, you really do need to get to this level because if you don’t, threat actors will. Even if parts of the business use SaaS products, while parts of the network are using Infrastructure as a Service (IaaS), you can still set the requirements that there must be a sufficient amount of telemetry and analytics that help you understand the answers to these questions above. Your business must always remain “Under analytics” and only then will you be one step ahead of your attackers.

Wednesday, 11 November 2020

Tetration Updates – New capabilities for microsegmentation and workload security

Cisco Prep, Cisco Learning, Cisco Tutorial and Material, Cisco Exam Prep

Cisco Tetration release 3.4 expands support for micro-segmentation, workload and container security

Cisco Tetration, a leader in micro-segmentation and workload security, announces significant new enhancements, available now, that help security architects achieve the protection required for today’s heterogeneous multicloud environments.

One of the key challenge’s businesses face is how to provide a secure infrastructure for applications without compromising business agility.  With the rise of cloud usage, containers and microservices architectures, you need a solution that brings security closer to your applications using a new firewall type of enforcement that surrounds each workload.  Many companies like Per Mar Security Services choose Tetration to be the foundation of their zero-trust and broader cybersecurity plan, protecting their critical applications from compromise.

This latest Tetration release includes features that support new microsegmentation capabilities, workload protection, sensor support for new operating system versions, platform features required for enterprise customers and much more.

Enhancements include:

Cisco Prep, Cisco Learning, Cisco Tutorial and Material, Cisco Exam Prep
Microsegmentation:

Enhanced usability and management of microsegmentation.  Granular control to specify which workloads should receive what policy elements, making policy definition, generation, and enforcement much more flexible and customizable to your environment

Latest versions and enhancements across Kubernetes and OpenShift orchestration platforms and support for microsegmentation policy enforcement on ingress controllers such as HAProxy or Nginx .

Application dependency mapping updates to speed policy generation.  (ADM offers forensic understanding of applications/workloads and their complex interdependencies)

Compromised state awareness: alerting/ policy changes after a workload or endpoint is detected as compromised with flows to a known threat.

Cisco Prep, Cisco Learning, Cisco Tutorial and Material, Cisco Exam Prep
Workload Protection:

Enhanced vulnerability detection that leverages, in addition to NIST CVE (Common Vulnerabilities and Exposures) database, the latest threat intelligence from Operating System vendors to ensure accuracy and the most up to date risk profile for applications in your environment.   

New MITRE-based attack detection techniques and tactics plus several new anomalous Windows processes alerts.

Cisco Prep, Cisco Learning, Cisco Tutorial and Material, Cisco Exam Prep
Usability and operational improvements

New and improved user interface to better visualize and manage application scopes, workloads that are part of those applications and associated hierarchies.

Improved visualization of policy version differences to easily understand what rules were added or removed and also filter for specific rules based on number of parameters.

Resiliency features including new mode of continuous data backup, new backup and restore workflows, the Federation of multiple Tetration clusters for a high degree of scalability and availability.

Cisco Prep, Cisco Learning, Cisco Tutorial and Material, Cisco Exam Prep
Software sensors:

OS updates: Support for the latest versions of key operating systems our customers care about (RHEL, CentOS, Oracle Linux, Ubuntu, plus added support for IBM AIX for legacy applications in key verticals like healthcare and financials.

Easily transition from deep visibility to policy enforcement to speed the time to microsegmentation

Enhanced monitoring and management features for better sensor visibility and usability in key areas like monitoring, installation, upgrade status.

Cisco Prep, Cisco Learning, Cisco Tutorial and Material, Cisco Exam Prep
3rd Party Ecosystem Partners

ServiceNow CMDB integration for ingesting CI (Configuration Item) attributes to provide more context to help define inventory filters, tag workloads, define policies, and visualize flow traffic.

Native support for Workload AD (Windows Domain Controller) for rich user and workload context to enhance policy definition, inventory filters and visualize flow traffic.

Tuesday, 10 November 2020

Experience the Future with Cisco and the Internet of Things

Cisco Exam Prep, Cisco Tutorial and Material, Cisco Guides, Cisco Learning, Cisco Prep

It’s the year 1950, and I’m asking you what you imagine technology would be in 70 years; what would you say? My guess is you proceed to list out some science-fiction-like answers such as the existence of space exploration programs, maybe artificial intelligent robots, or perhaps the invention of some all-knowing neural network that enlightens humankind through accessible information. While such ideas may have been on the cusp of science-fiction at the time, it’s incredible to realize that we are in the generation where many of these innovations not only exist but are customer-ready today!

Oh, and by the way, remember that “all-knowing neural network” you had mentioned? This is what we presently refer to as the internet and, of course, is what you are using to access this blog at this very moment. Despite how much of a technological breakthrough the internet was during its invention in 1983, it has become such an everyday tool, and it just doesn’t spark the same excitement as it once did.

Let me be that unwarranted catalyst and re-ignite that internet excitement by introducing a new generation of internet-powered technology. A generation of technology that can harness the limitless knowledge of the internet and engrain it into inanimate objects connecting us in a way never thought possible. I am referring to the Internet-of-Things (IoT), a technological innovation spearheaded by Cisco and its state-of-the-art Application Hosting on the Catalyst Access Points (AP) platform.

What is the Internet of Things?

The Internet-of-Things is a concept where a wireless network is leveraged for communication with smart devices to accomplish tasks in a more simplified, efficient, and often automated manner. In fact, many IoT products probably have already found their way into your home already. These products come in all shapes and sizes, but some examples could be a voice-activated speaker such as an Amazon Alexa, a mobile application-controlled thermostat such as a Nest Thermostat, a motion-activated doorbell camera such as the August Doorbell Cam, or more excitingly, a voice triggered music playing salt dispenser such as the SMALT!

Other than the salt-dispenser (which actually exists), these are all products that, due to their simplicity and usefulness, have become seamlessly integrated into many of our lives.

Cisco Exam Prep, Cisco Tutorial and Material, Cisco Guides, Cisco Learning, Cisco Prep
Figure 1: Modern Internet-of-Things products leveraging a wireless network.

So, if IoT already exists, what is Cisco’s role in this field?

Think about how IoT products work, and you’ll realize it requires a robust wireless network to connect the IoT endpoints to the information it needs to operate. While a single wireless router can easily accomplish this for a typical household size deployment, the challenge is how we can execute this at an enterprise level, where hundreds to thousands of IoT devices must work together to form a single solution. Without a proper management infrastructure to provide visibility, serviceability, and security, IoT at scale can be a complete nightmare to deploy and manage.

Cisco’s Internet of Things Solution


Application Hosting on the Catalyst Access Points and Cisco’s intent-based networking platform, Cisco DNA Center is the solution that solves this problem. This integration allows users to leverage Cisco DNA Center to deploy custom IoT applications directly onto docker containers within Cisco’s Catalyst Wi-Fi 6 access points. This integration with Cisco DNA Center solves the problem of visibility and serviceability at scale by taking on the applications’ life cycle manager’s role and allowing users to take advantage of their existing Cisco wireless infrastructure for IoT communication.

During Day 0, a user simply uploads the IoT application onto Cisco DNA Center, and from there, can choose what locations to deploy the application. From Day 1, applications throughout an entire network can now be easily monitored and maintained through a GUI and even upgraded by simply uploading then deploying a newer version of the IoT application. With this integration with Cisco DNA Center, IoT application management has never been easier!

Cisco Exam Prep, Cisco Tutorial and Material, Cisco Guides, Cisco Learning, Cisco Prep
Figure 2: Cisco DNA Center’s simplistic IoT application deployment workflow.
 
After deploying the IoT application onto the access points, the application then begins communication with its application server, leveraging each access point as an IoT gateway to communicate with surrounding IoT devices. This communication with surrounding IoT devices happens through an IoT USB connector inserted into the Cisco Catalyst access point, which can broadcast anything from Zigbee to BLE to vendor-specific proprietary RF protocols, providing true versatility to IoT solutions possible.

Cisco Exam Prep, Cisco Tutorial and Material, Cisco Guides, Cisco Learning, Cisco Prep
Figure 3: Application Hosting on the Catalyst Access Points IoT Topology.

What about the IoT Application itself?


This is where things get exciting! Cisco is now open for partnerships with third-party IoT development companies, providing them with the opportunity to integrate their IoT solutions with Catalyst access points. While the development of IoT applications may not be a simple feat, Cisco has streamlined the process by creating an entire website, DevNet, with the sole purpose of supporting third-party application development. With DevNet, you now have an intuitive step-by-step guide that will teach you how to go from writing a basic “Hello World” application to creating an innovative end-to-end IoT solution capable of solving real-world problems!

The marketplace of IoT Technology


Once the application has been developed, as a partner, you can then join the Solution Partner Program, which allows you to post your IoT solution directly onto DevNet. Essentially, Cisco aims to create a whole marketplace of ready-for-deployment IoT solutions, providing customers with a one-stop-shop to browse, discover, then deploy IoT solutions that best fit their niche business needs.

Cisco Exam Prep, Cisco Tutorial and Material, Cisco Guides, Cisco Learning, Cisco Prep
Figure 4: Cisco Solution Partner Program.

Together, Application Hosting, Cisco DNA Center, and DevNet form a truly seamless IoT experience that allows partners to materialize, and customers deploy any IoT envisioned solution through Cisco’s powerful yet simplistic wireless infrastructure. And that is something that anyone could have predicted!

Saturday, 7 November 2020

Invest In Your Most Critical Assets: People

Cisco Prep, Cisco Guides, Cisco Learning, Cisco Exam Prep, Cisco Tutorial and Material

If you asked our customers and partners what their most important asset is these days you’d get a variety of answers. Everything from infrastructure to real estate to mission-critical applications. To Bell Canada, one asset you can’t overlook is your people. Their philosophy is investing in people will always pay positive dividends. While investing in people may seem like common sense, Bell has taken this to the next level and has streamlined and optimized the development of their Sellers and Solutions Architects. How have they done this you ask? One way is by leveraging Cisco’s premiere architecture enablement platform, the Cisco Black Belt Academy.

Bell and Cisco. A Long-Standing Partnership.

Bell Canada, a leading Canadian provider for telecommunication services, has been a Gold Partner with Cisco Canada for decades and has always been amongst the top tier partners amongst our roughly 1,800 partners across the country. Year after year, Bell and Cisco have had significant joint success, recognized for consecutive years during Cisco Partner Summit. In 2018, Bell was recognized by Cisco for being the #1 overall partner in the Americas and has been Canada’s Partner of the Year for two years running.

“Over the course of many years, Bell has been well aligned to Cisco because of our tremendous synergy as a value-added reseller – a relationship that covers many different domains of the business. Our mutual expertise includes Network, Security, Cloud, Voice/Unified Communications and the Internet of Things,” commented Errol Fernandes, who leads Bell’s Enterprise Architecture teams as he addresses the partnership.

Ever evolving technology and staying current

As the Greek philosopher Heraclitus said, “The only constant is change.” Little did Heraclitus know that this would be the theme of our decade. The rate at which our customers’ needs continue to evolve is unprecedented. And as we have all witnessed, technology vendors and providers need to adapt quickly to continuously deliver the same best-in-class experience that customers have come to expect.

Fernandes reminds us “our technical team prioritizes staying current on the latest technology, and that includes the most recent Cisco software solutions. The Bell team has always been extremely diligent at getting the standardized certifications that Cisco offers (CCIE, CCNA etc.), and with  Cisco’s continual acquisition approach – to expand and integrate the latest technologies to solidify each portfolio – our technical sales team of almost 300 resources always needs to upskill.” This is where the Cisco Black Belt Academy aims to help in keeping partners current.

Cisco Prep, Cisco Guides, Cisco Learning, Cisco Exam Prep, Cisco Tutorial and Material

Cisco Black Belt and Developing Expertise


The Cisco Black Belt program is an enablement framework consisting of carefully curated training content, that Cisco employs in ensuring its Sales and Technical teams are well versed on the latest technologies and solutions. This framework, has allowed Cisco’s Channel Partners like Bell to integrate directly into their existing training programs. Bell in many ways, has led this charge and has rolled out Black Belt to train its roughly 300 technical and sales team members.

By leveraging the Cisco Black Belt program, Bell has been able to carefully create custom development plans that align to specific roles within the Technical Sales team within Bell Business Markets. These development plans were curated early in 2020 and went through multiple planning revisions before a successful implementation of a pilot program.

In this pilot, a group of 16 Solution Architects from various practices completed role-specific training content. At the end of the pilot the solutions architects gave a 4 star+ rating for overall user experience and content relevancy; which is outstanding for this type of pilot. Rami Al Saber, one of the pilot participants says “I believe it is a great tool for various sales teams and technical sales teams to try, as it has great learning tools.”

Because of the dynamic nature of the framework and the practical way individuals are certified – typically through proof of concepts, a solution sale or customer design – Bell is confident in the quality of the training and enablement. By partnering with Cisco and investing in their people with the Black Belt Academy, Bell is very well positioned to navigate through these uncertain times, and accelerate their business.

Friday, 6 November 2020

How Cisco Silicon One Can Help You Save Millions

Cisco Prep, Cisco Learning, Cisco Certification, Cisco Guides, Cisco Exam Prep

Cisco Silicon One changes the paradigm of energy consumption and why that matters to the environment and how we’re dramatically more efficient than other 12.8T silicon. As the father of two young children, this is something I spend a considerable amount of my free time fretting over. As an engineer at Cisco, I feel fortunate that I can help control the continued rise of carbon emissions by developing products that focus on power efficiency.

Working for an equipment manufacturer makes it easy to focus on how the advancements we’ve made with Cisco Silicon One significantly affect one box but miss the larger impacts of what happens at a full web scale data center level. So I spent some time analyzing how building systems with Cisco Silicon One could impact customers deploying massive web scale networks. I created a model for a web scale data center with 110,000 servers to help you understand the ramifications.

Going into the analysis, I wasn’t really sure what to expect, but I was amazed when I found that simply by deploying Cisco Silicon One customers could save up to 580kW and up to $9.75 million dollars. Let’s look closer at what I modeled and what I found.

Most web scale customers treat data center topologies as carefully guarded secrets so I created a representative topology using 1RU pizza boxes with a 3.2Tbps Top of Rack (TOR) switch, a 12.8Tbps leaf switch, a 12.8Tbps spine switch, and a 12.8Tbps Data Center Interconnect (DCI) router.

Cisco Prep, Cisco Learning, Cisco Certification, Cisco Guides, Cisco Exam Prep

I then analyzed how energy consumed by the switch silicon is delivered through a system and the greater facility, as well as how the heat generated in the process is removed. The less efficient the systems and facilities are, the larger the savings would be with Cisco Silicon One.

As an engineer, I find it more persuasive to lean conservative in my estimates and show potential savings even with highly efficient systems and facilities. The model makes the following assumptions: a total system efficiency of 85 percent and a facility Power Usage Efficiency (PUE) of 1.2.

Both are close to industry-leading numbers. Together these show that for every watt consumed by the switch silicon, 1.41W will be consumed by the facility.

Cisco Prep, Cisco Learning, Cisco Certification, Cisco Guides, Cisco Exam Prep

Because of the impressive efficiency of Cisco Silicon One versus other silicon on the market, simply by building a network with Cisco Silicon One could save customers up to 580kW or 30 percent of network switching power.

Cisco Prep, Cisco Learning, Cisco Certification, Cisco Guides, Cisco Exam Prep

As impressive as the power savings is, what’s more interesting is what saving that much power means to the customer.

According to the U.S. Energy Information Administration (EIA), the average commercial price per kilowatt-hour (kWh) is 10.67 cents, while in low-cost regions it can be as low as 4.68 cents per kWh. And according to Turner & Townsend, building a 30MW web scale data center costs between $7.1 and $8 per watt in the United States. Together, these may enable a customer to save between $6.8 million and $9.75 million over a 10-year period.

Cisco Prep, Cisco Learning, Cisco Certification, Cisco Guides, Cisco Exam Prep

The power reduction in networking can also be used to add more revenue-generating servers. With an average server power of 500W, this translates to being able to add another 966 servers or roughly a one percent increase in the total server count of the facility.

These were astounding findings. But what’s most impressive about Cisco Silicon One is that while we can be so energy efficient, we also provide the highest performance and most flexible routing and web scale switching silicon on the market under a fully unified architecture.

Thursday, 5 November 2020

The New Care Outlook, According to Healthcare Executives

Cisco Prep, Cisco Tutorial and Material, Cisco Guides, Cisco Learning, Cisco Exam Prep

This year, the healthcare sector has been thrust into the spotlight globally. Healthcare is the front line, but also our last line of defense in this pandemic – doing incredibly important, but also dangerous work with huge health and economic consequences.

To date, healthcare providers have been focused on the response phase of COVID-19 which, as the state of Victoria in Australia has proven, is not necessarily linear. We are starting to realize that this pandemic is not predictable, and we will need our systems, institutions and individual mindsets to be dynamic, adaptive and resilient.

To discuss the impact of the pandemic to care and the outlook in a post-pandemic world, we gathered virtually more than 30 health and aged-care executives from Australia, New Zealand and the US. The conversation was part of a Cisco round table, aligned to a broader industry series and anchored by perspectives from Silver Chain Group (Dale Fisher), the Cisco-RMIT Health Transformation Lab, Flinders University and representatives from executives at acute and community health institutions.

The conversation highlighted a number of themes that describe the challenges and opportunities in healthcare ahead and are summarized in the graphic below.

Cisco Prep, Cisco Tutorial and Material, Cisco Guides, Cisco Learning, Cisco Exam Prep

One of the strong themes emerging from the round table was the importance of digital infrastructure and capability in helping institutions maintain business continuity, improve levels of care, and ultimately be more responsive to changing conditions. In the quest for short term workarounds, organizations are realizing that things like cybersecurity and redundancy cannot be compromised.

A similar round table is planned for earlier next year to again reflect on and re-imagine the next normal that we are now living through.

Stay tuned for additional insights on that round table!

Cisco Prep, Cisco Tutorial and Material, Cisco Guides, Cisco Learning, Cisco Exam Prep