Saturday, 12 December 2020

Take SecureX wherever you go – introducing the new ribbon browser extension

2020 has been a doozy of a year, and it can be an especially challenging time to keep your organization running smoothly in an already complex and ever-evolving security environment. Security analysts juggle an overwhelming number of alerts siloed across multiple consoles in order to counter attacks, protect against breaches, and stay compliant – and many are doing this while working from home for most of this year. This balancing act reminds me of my own personal experiences that you might be able to relate to.

Cisco Exam Prep, Cisco Tutorial and Material, Cisco Certification, Cisco Learning, Cisco Guides
Figure 1. With the SecureX ribbon browser extension, extract observables from third-party tools such as Splunk and take response actions.

For many of us this year, we’ve been juggling more than we would’ve ever anticipated. My typical day while working from home also consists of preschool drop-offs, ordering grocery deliveries, IT support for my son’s remote learning classes, and scheduling virtual medical appointments. It can be overwhelming to keep track of everything and everyone without outsourcing services like I might’ve done in the past. I have a secret weapon that has helped me navigate this “new normal” — a digital assistant. Before this year, the primary uses of my Google Nest Hubs’ were to (expensively) tell time and set cooking timers. However, during this global pandemic, it’s been put on overdrive to help simplify the chaos of a complicated 2020 for our household. This system keeps my life running smoothly: important appointment reminders, notifications via Family Bell for my son’s class schedule, broadcasting to my family that dinner is ready, and smart home automation throughout the day such as a turn-down schedule for the thermostat.

So just as a global pandemic waits for no one, neither does the critical work of a security operations team whose goal is keeping threat dwell time down and compliance up. That engine must keep running to stay ahead of the ever-evolving threat landscape. Something like a Google Nest Hub (or Amazon Echo Show, if that’s the ecosystem you’re partial to), could help you work more efficiently and effectively. Specifically, not only could you connect your security tools together in one place, even from third-party vendors, but also easily access these tools wherever you go and take just a minute to get started. Enter the SecureX ribbon, now available through a browser extension.

The SecureX platform debuted in June to simplify your security experiences by connecting Cisco Secure products and your existing infrastructure. One of the most powerful SecureX capabilities is the ribbon, which shares and maintains context on cases and incidents in one persistent location at the bottom of SecureX and Cisco Secure product consoles. It provides this cross-product functionality for more efficient threat hunting, incident management, as well as unified visibility and response actions – all across each of your consoles. As such, you can also launch these product consoles from the ribbon. The ribbon apps that enrich investigations are brokered by SecureX– available not only in SecureX but also Cisco Secure products.

Cisco Exam Prep, Cisco Tutorial and Material, Cisco Certification, Cisco Learning, Cisco Guides
Figure 2. The persistent ribbon within SecureX and Cisco Secure product consoles.

Now, SecureX takes it to the next level – the same ribbon functionality is now available through an extension for Firefox, Chrome, and Edge browsers. Similar to the Google Nest Hub, the SecureX ribbon is accessible through your endpoint security, network devices, and now any webpage or browser-based console — so customers can:

◉ Easily connect with your third-party tools. Make better use of your existing security tools, Cisco or otherwise, without a complex integration process. With the ribbon browser extension, you can extract observables or endpoint IPs into the ribbon app from your third-party tools and pivot into an investigation.

◉ Start investigating from your browser in one minute. That’s how long it takes to deploy the extension, and then you can kick off investigations immediately. Let’s say you start your day scanning the blogs by our industry-leading Cisco Talos or perhaps an ISAC from your industry. From either of those intel sources, you can quickly query endpoints, and take response actions without pivoting into another console.

◉ Collaborate across your security team better than ever before. With the extension, you can create or add to a case – directly from the browser – and share with team members. The unified experience is now even more accessible, and elevates cross-functional collaboration.

Cisco Exam Prep, Cisco Tutorial and Material, Cisco Certification, Cisco Learning, Cisco Guides

Friday, 11 December 2020

Revolutionize how you manage application resources across any environment

Cisco Exam Prep, Cisco Tutorial and Material, Cisco Preparation, Cisco Guides

The business, application and infrastructure landscape has been changing rapidly over the last few years and even faster this year. Gone are the days where a handful of monolithic applications were running in a single datacenter fully managed by a central team – simpler days.  IT teams are now required to use a diverse set of environments, distributed technologies, architectures, platforms and tools to manage the critical IT resources required to keep their apps running no matter where they reside.

The job of managing all this complexity around how user experiences are delivered through applications is now beyond human scale and has big implications for IT teams and businesses including; application performance issues, time wasted in war rooms and fighting fires, underutilized infrastructure, public cloud overprovisioning, and cost overruns.

According to an Insight IT Modernization survey conducted by IDG, more and more organizations are dealing with similar challenges and realizing  the need for simplifying and streamlining their IT operations to be successful. 67% of survey respondents believe that business transformation efforts cannot proceed effectively without IT modernization.

In order to confront this complexity and ensure success in this new world, organizations are focusing on IT modernization projects in terms of quality of service, cost efficiency, availability, customer experience and more time for innovation

Cisco Exam Prep, Cisco Tutorial and Material, Cisco Preparation, Cisco Guides

But how can this be achieved?

IT modernization means optimizing operating models


To streamline processes and efficiently balance application performance and cost, the only choice is to automate resource management and decisions for workload placement and optimization.  But deciding what workloads to run on which platform, making real-time changes as required to ensure optimal performance and cost across any environment, monitoring and troubleshooting with minimum disruption, are all tasks that take time and resources. And as complexity increases, more and more human resources are required.

This is where AIOps comes in.

To optimize an environment end-to-end, you need access to a constant stream of telemetry data from dozens, hundreds, perhaps thousands of sources. Correlating and continuously analyzing all this data with an intelligent real-time decision engine to understand how everything fits together now and in the future is the way forward. A new generation of open tooling is required to connect all the dots and offer the insights and automated actions to stay ahead of demand, stay ahead of problems, and respond to new projects with confidence.

Rethink Cloud Operations


Recognizing these challenges, Cisco unveiled a new vision for the evolution of Cisco Intersight last month, detailed in a blog by Kaustubh Das, VP/GM of Cisco’s Cloud & Compute group. Cisco Intersight is a modular cloud operations platform that brings together IT teams, tools, infrastructure, and apps and helps operations personnel visualize, optimize, and orchestrate apps and infrastructure, wherever they are.  Delivering on this vision, we are happy to announce that we have released Cisco Intersight Workload Optimizer, the first in a series of powerful new Intersight solutions designed to simplify cloud operations.

Intersight Workload Optimizer (IWO) radically simplifies application resource management at scale to prevent application performance issues while reducing cost. It continuously optimizes critical resources resulting in efficient use of infrastructure whether on premises or in public clouds. It removes the guesswork from ongoing operations and planning for growth.

Turning data into action


IWO accomplishes all this through its AI-enabled decision engine that proactively matches workloads to the resources they need in real-time, using a process of data abstraction, analysis, and automation across the stack. It understands workload interdependencies, resource consumption, and costs from infrastructure to applications.  It leverages telemetry data from a broad third-party ecosystem across a range of endpoints including hypervisors, compute platforms (including Cisco UCS and Cisco HyperFlex), container platforms, public clouds, applications and more, to deliver intelligent recommendations for where to place and how to size and scale resources.

As a result, Intersight Workload Optimizer establishes a common control plane for resources across hybrid cloud environments, helping IT teams to navigate and automate the dynamic resource trade-offs and relevant decisions needed to balance application performance and cost.

After the metrics from registered endpoints have been collected in a common database and normalized into an abstracted model, AI-assisted analysis is done on an ongoing basis in real-time to provide proactive recommendations to right-size resources and recommend or automatically take action as required. This enables smooth operations and ensures a good digital experience for the consumers of any application.

Optimize hybrid cloud deployments


With distributed, multicloud applications becoming a common use case, IWO takes away the pain of having to monitor and manage individual cloud platforms with cloud-specific tools. IWO can provide recommendations on workload placement as well as on types of instances including “spot” or Reserved Instances (RI’s), databases, storage, and other application components. It can also recommend and take actions such as dynamically scaling or shutting down workloads, always optimizing based on performance and cost.

Manage Kubernetes at scale


Kubernetes has become the de facto standard for container orchestration. However, for IT teams, Kubernetes has introduced an additional layer of complexity with a new environment that needs configuring and monitoring on top of existing infrastructure platforms. Intersight Workload Optimizer complements and augments existing Kubernetes capabilities for ongoing day 1 and day 2 operations with the ability to do container right-sizing, pod “move”/rescheduling, cluster scaling, and scenario planning for Kubernetes deployments.

Integration with APM tools


Intersight Workload Optimizer has enhanced integrations with 3rd party Application Performance Management (APM) solutions, including Cisco AppDynamics. The result is deeper visibility, insight and actions based on the relationship between apps and associated infrastructure, leading to even smarter resourcing decisions that are tied back to the actual application user experience. The integration provides a single source of truth for application and infrastructure teams to work together more effectively, avoiding finger pointing and late-night war rooms.

A “Hands-off” Operational Model


By applying the same set of abstraction-analysis-automation principles for any technology in IWO’s broad, third party ecosystem and for all layers of the application and resource stack, IWO is able to deliver powerful capabilities that simplify day-to-day operations for IT team members (sysadmins, v-admins, production and integration teams, cloud architects and DevOps teams etc) in an organization.

Leveraging its agentless architecture that is modularized and delivered as a Service, Intersight Workload Optimizer can rapidly expand any supported ecosystem to meet our customers’ evolving needs, however and wherever they operate. It can truly provide a closed-loop operating model based on extensive and deep visualization between applications and infrastructure, powered by AI, analytics, and automation.

Cisco Exam Prep, Cisco Tutorial and Material, Cisco Preparation, Cisco Guides

Thursday, 10 December 2020

Protecting Workloads Across Any Cloud and Application…Anywhere!

Automating and implementing a secure, zero-trust model for micro-segmentation based on application behavior and telemetry is easy to do using Cisco Secure Workload (formerly known as Tetration). See how your business can seamlessly achieve workload protection by providing:

◉ Reduced attack surface – Automate micro-segmentation through customized recommendations based on your environment and applications.

◉ Remain compliant – Granular visibility and control over application components with automatic detection and enforcement of compliance.

◉ Gain visibility – Track the security posture of applications across your entire environment.

◉ Enable Zero Trust – Implement a zero-trust model via continuous behavioral monitoring and automated enforcement of micro segmentation policies to every workload

Cisco Exam Prep, Cisco Preparation, Cisco Guides, Cisco Certification

New Cisco Secure Workload Learning Module

In the new Cisco Secure Workload Learning Module, we will introduce the Open API, which includes easy to use and comprehensive APIs to perform reporting, make configuration changes, export flow data, and more. We will deep dive into the API endpoints that provide visibility and compliance of workloads, application and policy modeling, and deployment of agents and segmentation. We also review how to install and utilize the Secure Workload Python SDK.

In the first lab we will:

◉ Reserve a sandbox environment to work with

◉ Clone the necessary code from GitHub

◉ Setup Postman and Python environments

◉ Explore simple API requests using Postman and the Python SDK

Cisco Exam Prep, Cisco Preparation, Cisco Guides, Cisco Certification

For the second lab we will cover:

◉ Query & display all sensors in an application scope

◉ Download the agent package and configuration files programmatically

◉ Download & deploy the agent ‘auto-install’ script to an agent in the Secure Workload Sandbox Environment

◉ Query vulnerabilities on all sensors, identify new vulnerabilities introduced with new sensor

Tuesday, 8 December 2020

Cisco CCNP Security 350-701 Certification | Syllabus | Practice Test

 

Cisco SCOR Exam Description:

This exam tests a candidate's knowledge of implementing and operating core security technologies including network security, cloud security, content security, endpoint protection and detection, secure network access, visibility and enforcements. The course, Implementing and Operating Cisco Security Core Technologies, helps candidates to prepare for this exam.

Cisco 350-701 Exam Overview:

Related Articles:-

A Three-Pronged Approach to Small Business Office Safety

Cisco Prep, Cisco Tutorial and Material, Cisco Guides, Cisco Certification, Cisco Career

For every small business, it’s essential to keep people healthy and safe. Like the old saying goes, safety first. And now with COVID-19, monitoring workplace hazards is an even higher priority. No matter how small your business might be, as an employer, you need to keep your workers and customers safe without disrupting the flow of business.

Using a combination of smart cameras and sensors, and collaboration tools, you can monitor your workplace and support social distancing and density limit policies. And apps for smartphones and wearables can help with employee health monitoring and contact tracing.

Beyond the technology, you need to take a three-pronged approach to help make sure everyone stays safe during the pandemic and beyond. You need to develop policies to prevent hazards, ensure that your safety procedures are implemented, and respond when emergencies arise.

Fortunately, easy to use technology can help in each of these areas.

1. Develop safety policies and procedures to prevent hazards

Effective workplace hazard monitoring goes hand-in-hand with well-designed safety policies. The US Occupational Health and Safety Administration (OSHA) has issued some general guidelines on preparing workplaces for COVID-19. OSHA recommends that all employers create an infectious disease preparedness and response plan for addressing the coronavirus as well as other potential health hazards. Similar codes exist around the globe. A well-designed plan should consider how workers might be exposed to COVID-19 through other workers, customers, and contacts outside the workplace. It should also factor in workers’ individual risk factors, such as age or pre-existing health conditions.

General preventive measures that OSHA advises employers to implement include:

◉ Exploring policies that can promote social distancing, such as telecommuting or flexible work hours

◉ Providing personal protective equipment, such as masks or goggles, as well as training for using such equipment

◉ Promoting hand washing

◉ Providing hand sanitizer containing at least 60% alcohol when hand-washing facilities aren’t available

◉ Encouraging workers to follow respiratory etiquette practices such as covering coughs and sneezes

◉ Advising sick workers to stay home

◉ Disinfecting surfaces and equipment regularly

◉ Discouraging workers from using other workers’ desks, phones, and equipment when possible

In addition to preventive policies, OSHA advises employers to develop policies and procedures for prompt identification and isolation of potentially infected workers. Such procedures can range from providing a separate room for workers exhibiting COVID-19 symptoms to instructing sick workers to stay home.

Technology can play a major role in helping employers implement these guidelines. For example, by using smart cameras in conjunction with analytics, you can gain a better understanding of how people move around your space so you can redesign workflows. Collaboration tools help simplify remote work and make it easier to manage staggered shifts where some people are in the office and some are not. Remote collaboration tools should include robust security features and be connected using network switches and routers that are user-friendly, flexible, and secure.

2. Monitor your workplace with smart cameras

Smart video cameras can be a valuable tool for monitoring the workplace to promote safety measures against COVID-19. Today’s cameras can be used for far more than simply physical security. They form part of a wireless ecosystem that small businesses can use for a wide range of applications. For example, Cisco Meraki MV smart cameras are used in retail environments for counting customers and analyzing floor traffic patterns to help optimize in-store marketing. That same technology can be deployed to collect information that supports workplace safety policies.

For example, let’s say your facility has a social distancing policy that requires workers to stay at least six feet apart. Just because people know the policy exists doesn’t necessarily mean it will be followed. Surveillance cameras can provide transparency and accountability and help you identify the areas of your facility that are most prone to social distancing issues. Armed with this information, you can take steps to remedy problems in those parts of your premises.

Ideally, a strategic plan for monitoring your small business with surveillance cameras should follow a three-step procedure:

◉ Install a smart camera surveillance system that can show you where people are, where they go, and what they’re doing.

◉ Connect your smart surveillance system to a cloud network that lets you review and analyze footage through a central dashboard

◉ Assess the footage and access the video analytics for object detection and motion heatmaps to support safer workplace policies and procedures

Cutting-edge smart cameras such as Cisco Meraki MV can pick up more information that just images. The built-in intelligence includes motion heatmaps that display relative movement over time so you can see traffic patterns and object detection that shows you where people are, so you can see where they’re congregating and where they linger.

Cisco Prep, Cisco Tutorial and Material, Cisco Guides, Cisco Certification, Cisco Career
For purposes of preventing COVID-19, you can track where workers and customers are congregating on your premises and whether there are any motion patterns that conflict with your social distancing policies. You can then review these movement patterns and determine whether measures such as installing barriers or rerouting traffic might help promote safer social distancing.

Workplace monitoring also can help you monitor worker behavior. For example, you can make sure hand washing and sanitizing procedures are being followed. Healthcare providers have long been aware that simply having hand hygiene policies does not guarantee their enforcement. On average, healthcare providers wash their hands less than half as often as they should, according to the Centers for Disease Control and Prevention.

A study by the Santa Clara Valley Medical Center found that healthcare workers are twice as likely to comply with hand washing policies when they know they are being monitored. Now some hospitals are installing digital sensors and apps to monitor how frequently workers wash their hands. The MV campers let you view video quickly with motion recap, which summarizes activity into a single image, so you don’t have to scroll through a lot of irrelevant video to get answers.

Smart surveillance cameras can also help promote policies requiring workers to wear masks. When workers know they’re being monitored, they’re more likely to comply with mask mandates. Cameras can help reduce the need for unpleasant confrontations and heavy-handed measures. Surveillance cameras can be particularly useful for monitoring parts of your facility where workers are most likely to neglect social distancing and mask-wearing policies, such as break rooms.

3. Identify and resolve issues

In addition to preventive measures, a viable COVID-19 workplace safety policy must include procedures for identifying and addressing situations where workers are displaying coronavirus symptoms or are already infected. This is another area where using the right technology tools can help you implement safety policies.

Some employers have adopted temperature checks and other diagnostic screening procedures as a way to identify workers with coronavirus symptoms. One way to protect screeners is by using telehealth technology to support social distancing during screening. By pairing smartphones with smart thermometers, you can take your temperature with your iPhone or Android device. Using this type of technology can allow workers to provide temperature readings to employers from a socially safe distance.

Stay safe and wash your hands

The Cisco Designed portfolio includes technology that is curated specifically for small businesses. We can help you set up tools for safe distancing and real-time monitoring.

Saturday, 5 December 2020

Regaining Control of the Digital Experience

Cisco Exam Prep, Cisco Tutorial and Material, Cisco Certification, Cisco Guides, Cisco Learning, Cisco Career

2020 will likely be remembered as the year that pushed enterprises over the digitization tipping point. In just a few months, enterprises have had to transform how their employees work, how they serve their customers, and in some cases, they have had to also pivot to a new business model. Knowledge workers are now working from anywhere, contact center agents are taking customer calls from their home, patients are electing to visit their physician virtually, and consumers have moved to digital channels.

Some of these changes are temporary, but many are likely here to stay.

This shift has led to a disaggregated digital footprint and hyper-distributed IT environments. As enterprises accelerate their adoption of cloud hosted applications across hybrid and multicloud architectures, applications and services have also become more distributed.

While the perimeter of the IT environment has drastically expanded, IT does not always have full control over the application and infrastructure stack, and connectivity is reliant on unpredictable third-party networks, IT is still responsible for delivering a seamless end user experience.

So how can IT continue to optimize digital experience?

It starts with visibility – with an end-to-end view of the delivery of applications and services over the Internet.

Cisco Exam Prep, Cisco Tutorial and Material, Cisco Certification, Cisco Guides, Cisco Learning, Cisco Career

By pairing Application Performance Monitoring (APM) and Network Intelligence, enterprises can get a complete view of the health of their applications and how users experience them.

APM provides proactive visibility into the application delivery, performance, and key performance indicators of business metrics for applications hosted on premise or in the cloud – and managed by IT.

Network Intelligence provides visibility into external dependencies (such as SaaS applications, APIs, DNS, and ISP connectivity) and correlates application layer visibility with hop-by-hop visibility across network paths and Internet routing data.

APM provides visibility for DevOps teams, so that they can make the necessary architectural decisions to deliver optimal application performance. Network Intelligence gives inside-out and outside-in visibility for NetOps and CloudOps teams, so that they can reduce Mean Time to Troubleshoot (MTTT), ensure business continuity and maintain a high-quality end user experience.

While COVID may have accelerated the digital transformation of most enterprises and pushed them over the technology tipping point, “in the end, tipping points are a reaffirmation of the potential for change and the power of intelligent action” (Malcolm Gladwell).

Through the power of two industry leading solutions – AppDynamics and ThousandEyes – we believe that enterprises can take intelligent action and regain control of the digital experience of their employees and customers in a hyper distributed new normal.

Cisco Exam Prep, Cisco Tutorial and Material, Cisco Certification, Cisco Guides, Cisco Learning, Cisco Career

Friday, 4 December 2020

All Tunnels Lead to GENEVE

Cisco Prep, Cisco Tutorial and Material, Cisco Certification, Cisco Learning, Cisco Guides

As a global citizen, I’m sure you came here to read about Genève (French) or Geneva (English), the city situated in the western part of Switzerland. It’s a city or region famous for many reasons including the presence of a Cisco R&D Center in the heart of the Swiss Federal Institute of Technology in Lausanne (EPFL). While this is an exciting success story, the GENEVE I want to tell you about is a different one.

GENEVE stands for “Generic Network Virtualization Encapsulation” and is an Internet Engineering Task Force (IETF) standards track RFC. GENEVE is a Network Virtualization technology, also known as an Overlay Tunnel protocol. Before diving into the details of GENEVE, and why you should care, let’s recap the history of Network Virtualization protocols with a short primer.

Network Virtualization Primer

Over the course of years, many different tunnel protocols came into existence. One of the earlier ones was Generic Routing Encapsulation (GRE), which became a handy method of abstracting routed networks from the physical topology. While GRE is still a great tool, it lacks two main characteristics that hinder its versatility:

1. The ability to signal the difference of the tunneled traffic, or original traffic, to the outside—the Overlay Entropy—and allow the transport network to hash it across all available links.

2. The ability to provide a Layer-2 Gateway, since GRE was only able to encapsulate IP traffic. Options to encapsulate other protocols, like MPLS, were added later, but the ability to bridge never became an attribute of GRE itself.

With the limited extensibility of GRE, the network industry became more creative as new use-cases were developed. One approach was to use Ethernet over MPLS over GRE (EoMPLSoGRE) to achieve the Layer-2 Gateway use case. Cisco called it Overlay Tunnel Virtualization (OTV). Other vendors referred to it as Next-Generation GRE or NVGRE. While OTV was successful, NVGRE had limited adoption, mainly because it came late to Network Virtualization and at the same time as the next generation protocol, Virtual Extensible LAN (VXLAN), was already making inroads.

Cisco Prep, Cisco Tutorial and Material, Cisco Certification, Cisco Learning, Cisco Guides
A Network Virtualization Tunnel Protocol

VXLAN is currently the de-facto standard for Network Virtualization Overlays. Based on the Internet Protocol (IP), VXLAN also has an UDP header and hence belongs to the IP/UDP-based encapsulations or tunnel protocols. Other members of this family are OTV, LISP, GPE, GUE, and GENEVE, among others. The importance lays in the similarities and their close relation/origin within the Internet Engineering Task Force’s (IETF) Network Virtualization Overlays (NVO3) working group.

Network Virtualization in the IETF


The NVO3 working group is chartered to develop a set of protocols that enables network virtualization for environments that assume IP-based underlays—the transport network. A NVO3 protocol will provide Layer-2 and/or Layer-3 overlay services for virtual networks. Additionally, the protocol will enable Multi-Tenancy, Workload Mobility, and address related issues with Security and Management.

Today, VXLAN acts as the de-facto standard of a NVO3 encapsulation with RFC7348 ratified in 2014. VXLAN was submitted as an informational IETF draft and then become an informational RFC. Even with its “informational” nature, its versatility and wide adoption in Merchant and Custom Silicon made it a big success. Today, we can’t think of Network Virtualization without VXLAN. When VXLAN paired up with BGP EVPN, a powerhouse was created that became RFC8365—a Network Virtualization Overlay Solution using Ethernet VPN (EVPN) that is an IETF RFC in standards track.

Why Do We Need GENEVE if We Already Have What We Need?


When we look to the specifics of VXLAN, it was invented as a MAC-in-IP encapsulation over IP/UDP transport, which means we always have a MAC-header within the tunneled or encapsulated packets. While this is desirable for bridging cases, with routing it becomes unnecessary and could be optimized in favor of better payload byte usage. Also, with the inclusion of an inner MAC-header, signaling of MAC to IP bindings becomes necessary, which needs either information exchanged in the control-plane or, much worse, flood-based learning.

Cisco Prep, Cisco Tutorial and Material, Cisco Certification, Cisco Learning, Cisco Guides
Compare and Contrast VXLAN to GENEVE Encapsulation Format

Fast forward to 2020, GENEVE has been selected as the upcoming “standard” tunnel protocol. While the flexibility and extensibility for GENEVE incorporates the GRE, VXLAN, and GPE use-cases, new use-cases are being created on a daily basis. This is one of the most compelling but also most complex areas for GENEVE. GENEVE has a flexible option header format, which defines the length, the fields, and content depending on the instruction set given from the encapsulating node (Tunnel Endpoint, TEP). While some of the fields are simple and static, like bridging or routing, the fields and format used for telemetry or security are highly variable for hop-by-hop independence.

While GENEVE is now an RFC, GBP (Group Based Policy), INT (In-band Network Telemetry) and other option headers are not yet finalized. However, the use-case coverage is about equal to what VXLAN is able to do today. Use cases like bridging and routing for Unicast/Multicast traffic, either in IPv4 or IPv6 or Multi-Tenancy, have been available for VXLAN (with BGP EVPN) for almost a decade. With GENEVE, all of these use-cases are accessible with yet another encapsulation method.

Cisco Prep, Cisco Tutorial and Material, Cisco Certification, Cisco Learning, Cisco Guides
GENEVE Variable Extension Header

With the highly variable but presently limited number of standardized and published Option Classes in GENEVE, the intended interoperability is still pending. Nevertheless, GENEVE in its extensibility as a framework and forward-looking technology has great potential. The parity of today’s existing use cases for VXLAN EVPN will need to be accommodated. This is how the IETF prepared BGP EVPN from its inception and more recently published the EVPN draft for GENEVE.

Cisco Silicon Designed with Foresight, Ready for the Future


While Network Virtualization is already mainstream, the encapsulating node or TEP (Tunnel Endpoint) can be at various locations. While a tunnel protocol was often focused on a Software Forwarder that runs on a simplified x86 instruction set, mainstream adoption is often driven by the presence of Software as well as Hardware forwarder, the latter built into the switch’s ASIC (Merchant or Custom Silicon). Even though integrated hybrid overlays are still in their infancy, the use of Hardware (the Network Overlay) and Software (the Host Overlay) in parallel are widespread, either in isolation or as ships in the night. Often it is simpler to upgrade the Software forwarder on a x86 server and benefit from a new encapsulation format. While this is generally true, the participating TEPs require consistency for connections needed with the outside world and updating the encapsulation to such gateways is not a simple matter.

In the past, rigid Router or Switch silicon prevented fast adoption and evolution of Network Overlay technology. Today, modern ASIC silicon is more versatile and can adapt to new use cases as operations constantly change to meet new business challenges. Cisco is thinking and planning ahead to provide Data Center networks with very high performance, versatility, as well as investment protection. Flexibility for network virtualization and versatility of encapsulation was one of the cornerstones for the design of the Cisco Nexus 9000 Switches and Cloud Scale ASICs.

We designed the Cisco Cloud Scale ASICs to incorporate important capabilities, such as supporting current encapsulations like GRE, MPLS/SR and VXLAN, while ensuring hardware capability for VXLAN-GPE and, last but not least, GENEVE. With this in mind, organizations that have invested in the Cisco Nexus 9000 EX/FX/FX2/FX3/GX Switching platforms are just a software upgrade away from being able to take advantage of GENEVE.

Cisco Prep, Cisco Tutorial and Material, Cisco Certification, Cisco Learning, Cisco Guides
Cisco Nexus 9000 Switch Family

While GENEVE provides encapsulation, BGP EVPN is the control-plane. As use-cases are generally driven by the control-plane, they evolve as the control-plane evolves, thus driving the encapsulation. Tenant Routed Multicast, Multi-Site (DCI) or Cloud Connectivity are use cases that are driven by the control-plane and hence ready with VXLAN and closer to being ready for GENEVE.

To ensure seamless integration into Cisco ACI, a gateway capability becomes the crucial base functionality. Beyond just enabling a new encapsulation with an existing switch, the Cisco Nexus 9000 acts as a gateway to bridge and route from VXLAN to GENEVE, GENEVE to GENEVE, GENEVE to MPLS/SR, or other permutations to facilitate integration, migration, and extension use cases.

Leading the Way to GENEVE


Cisco Nexus 9000 with a Cloud Scale ASIC (EX/FX/FX2/FX3/GX and later) has extensive hardware capabilities to support legacy, current, and future Network Virtualization technologies. With this investment protection, Customers can use ACI and VXLAN EVPN today while being assured to leverage future encapsulations like GENEVE with the same Nexus 9000 hardware investment. Cisco thought leadership in Switching Silicon, Data Center networking and Network Virtualization leads the way to GENEVE (available in early 2021).

If you are looking to make your way to Geneve or GENEVE, Cisco makes investments in both for the past, present, and future of networking.