What IT loves about Webex Control Hub

We work from just about anywhere. Coffee shops, airplanes, kitchen tables. The nature of our work is hybrid and when we aren’t in shared spaces with our colleagues, we rely on our collaboration suite to keep us connected. As the collaboration leader for video endpoints across Cisco, my day revolves quite heavily around Webex and delivering consistent collaboration experiences to Webex users.

As we work across the world using collaboration tools both internally and externally, managing that experience is becoming more complex. With earlier tools, learning when, where, and why our collaboration services, devices, or applications faltered was like trying to find a rogue brace in 100,000 lines of code. Shortly after we migrated to our Cisco Collaboration Meeting Rooms Cloud solution, we began working on Webex Control Hub. Ever since, we’ve become smarter about pinpointing those rogue braces.

Control Hub is a centralized collaboration management portal that offers troubleshooting, analytics and compliance capabilities for our collaboration portfolio. We have multiple services, like Webex Meetings, Webex App, Webex Devices, Webex Calling, and with Control Hub, we get to see what’s happening across the board in our environment. In a word, it’s amazing.

Diving into Webex data to troubleshoot

In the past, let’s say Fernando called to escalate a connection issue he had with Webex Meetings. We’d have to wait on Cisco Technical Assistance Center (TAC) to get backend Webex data and send it our way. Then, we’d go down a rabbit hole trying to pinpoint the issue, pulling information from different sources while trying to piece together a picture of what went wrong. Meanwhile Fernando is frustrated he can’t join calls. It’s affecting his work productivity. It’s not great for business.

Today, when Fernando says he has a problem, we find it quickly. Control Hub populates a single dashboard with data from our entire environment, from aspects like users, devices, places, and services. Control Hub visually organizes that data to show me where Fernando is having issues, whether it’s a network issue, or a loose cable on his Cisco Webex Desktop Pro device. It’s a user-friendly interface, and in an instant, I spot when Fernando’s call is disrupted, for how long, what his bandwidth was, his latency – I get the entire picture, not pieces.

An administrator’s view of Webex Control Hub

If Fernando was on a conference call at the time of his connection issue, Control Hub offers up meeting information in a single view. All the participants, the types of endpoint clients they’re using, the meeting type, how long it takes to join the meeting, and network statistics of the call are visible. As an admin, joining the call to evaluate it in real time and troubleshoot live is an option.

In Control Hub, we pull logs from a device, whether it’s on the network or not. We comply with data privacy in every region, and while we can’t see everything, alerts and some diagnostics pop up, which is always better than nothing. We get way more troubleshooting capabilities for devices that aren’t on the network.

When viewing the logs, the simple dashboard reports when changes happen, and this information is collected. It narrows down the field of what is going on when a user says, ‘my device isn’t working’.

I’ve helped Fernando within a few minutes instead of a few hours. With analytics, I’ve identified if this is a particular pattern other users may be having and proactively monitor or alert them before it becomes an issue. Control Hub enables us to be more efficient, more resilient, and more focused on providing an exceptional collaboration experience.

Winning with user and device management

Managing thousands of devices and users comes with its own nuances, not to mention security protection challenges. Control Hub simplifies provisioning, authentication, and authorizing users on our Webex platform. We ensure that only successfully authenticated users are accessing spaces and services they’re meant to, using Key Management Service (KMS) – meaning unauthorized users will not be able to join your calls or spaces.

Once users are added, we manage their services and settings from Control Hub. This makes onboarding so much more straightforward. When new hires join Cisco, they turn their laptops on, sign in, and get straight to work meeting their new colleagues. When employees refresh their laptops or buy a new device, they don’t need to go through a long migration or setup. They log in, authenticate with Single Sign-On and Duo, and it works. We download device logs and push configuration changes to devices as well. It helps us make the collaboration experience better for everyone.

We also run proactive scripts that help us monitor devices regularly. These scripts perform audits on the devices for status, and if something pops up a couple of times, we open a case. The reason we do this is to make sure that the devices in our demo centers and offices are working to specification. Meaning, if Sam walks into a conference room in San Jose one week and into Bangalore another, her experience of the devices is consistent, no matter where she is in the world.

Simplified support and APIs

A lot of internal development went into simplifying the bot creation process with BotLite, a bot-making platform powered by MindMeld and Webex Teams. Using bots transforms so much of our work in terms of how we’re able to better support our user base and how our user base becomes more comfortable with self-service.

German Cheung, a Cisco technical systems engineer, has developed diverse tools via Webex Bots that add a lot of value to our services. The BVE Support bot, for example, provides various tools to our multi-tiers support teams based on their roles without breaking apart the role-based access permission in Control Hub. With the intelligent workflows and automations built into the bot, our support teams can interact with the bot to check, diagnose, pinpoint, and fix the issues in a few clicks. The bot helps to standardize the procedures of diagnosis, troubleshooting, validation and fixing. It also helps to reduce human intervention and the misconfiguration caused by human errors. MTTR (Mean Time to Repair) has decreased significantly. The bot remediates issues caused by access permissions, case escalations, and repeated steps. For example, one bot tool, UCM Calling Enablement in Webex, completes all checks across multiple infrastructures and services, and fixes issues automatically in about 15 seconds. Manually, that task usually takes anywhere from several minutes to several hours. The bot resolves cases quickly and more importantly, the user experience is that much better.

A great deal of information comes from various contributing platforms that help us make calls, launch applications, and develop bots. When we think of Webex, it’s not only about video endpoints and Webex meetings. We also have Webex apps that encourage engagement or streamline our workspaces too, like Miro, Slido, and M365. We manage those configurations within Control Hub.

Cisco IT has a culture of developing creative solutions. Webex has an open architecture; it allows you to develop your own solution. If we don’t offer it, it means the APIs are there if you need to develop something, just for your company and your users.

Needles in haystacks are painful and unnecessary

Is there a way to avoid twenty-questions when a senior leader says, ‘my device isn’t working’? Yes. What about when a user encounters dropped calls in Webex? Sure. Data is a beautiful thing when it’s used insightfully. While it’s still a work in progress, Control Hub gives us more time to make a great collaboration experiences even better – and with exceptional support.

Source: cisco.com

Continue reading

Deployment Options Expand with New Cisco DNA Center Virtual Appliance

Virtualization technology has changed the world of IT and enabled cloud computing. It has also been embraced by Cisco customers due to its flexibility and cost benefits. That demand is behind our recent announcement at Cisco Live of the Cisco DNA Center Virtual Appliance, which gives customers new deployment options for our network controller, whether deployed within the company data center or in public and private clouds.

Why a Virtual Appliance?

A virtual appliance provides operational flexibility and choice. For new Cisco DNA Center customers, choosing a Cisco DNA Center Virtual Appliance for deployment in their data center eliminates additional capital expenditures, supply chain worries, long lead times for orders, and truck rolls.

There are many other benefits of a virtual appliance: Eliminating lengthy and expensive compliance and certification checks; fast, automated deployment; and high availability, implemented with the use of native features. A virtual appliance in the cloud can also scale out; with the Cisco DNA Virtual Appliance in the cloud, customers can manage up to 5,000 devices.

Multiple Options for New and Existing Cisco DNA Center Customers

The Cisco DNA Center Virtual Appliance is designed to be deployed in a public cloud service starting with AWS (and later Microsoft Azure and Google Cloud Platform) or in a VMware ESXi (and later Hyper-V and KVM) virtual environments located on-premises or in a co-location facility (Figure 1).

Figure 1. On-premises and Cloud Versions

These virtual appliances from Cisco have feature parity with today’s physical Cisco DNA Center platform (Figure 2). Additionally, customers can take advantage of native high availability features from AWS and VMware to deliver quality performance and minimize downtime.

Figure 2. Feature Parity Across Physical and Virtual Appliance Versions

We’re providing our customers with options because some customers, especially government agencies with strict security requirements, don’t want to deploy management solutions in the cloud. They require physical Cisco DNA Center appliances and Cisco will continue to provide them. We fully support the air gap capability to ensure that networks can be physically isolated from unsecured networks like the public Internet or an unsecured LAN.

Cisco DNA Center Deployments, License Portability, Prime Migrations

Current DNA Center customers wanting to expand to the cloud can quickly, easily, and cost-effectively add a separate instance of Cisco DNA Center Virtual Appliance to remote offices or branches, maintaining a physical appliance in their central data center. This hybrid approach is seamless due to license portability and the choice of different platforms. You can easily deploy Cisco DNA Center in the data center or in a cloud, using the same license.

Cisco DNA Center Virtual Appliance is an option for customers migrating from Cisco Prime management infrastructure to Cisco DNA Center. Cisco Prime Infrastructure (current Release 3.10 Patch 1) includes a Cisco DNA Center coexistence and migration feature that allows users to easily export data from Cisco Prime Infrastructure to Cisco DNA Center. The two management and control systems can be operated in parallel so IT teams can train and get familiar with Cisco DNA Center before a complete system migration is performed. Teams can begin to migrate as soon as they are comfortable with the new paradigm for NetOps, AIOps, SecOps, and DevOps capabilities that Cisco DNA Center offers.

The Cisco DNA Center Virtual Appliance is here. Now you can manage and troubleshoot your network using Cisco DNA Center as a physical or a virtual appliance. Or deploy both types of appliances, on-premise or in the cloud. Then sit back and manage your network with a steady hand using guided Cisco workflows specific to job roles in NetOps, AIOps, SecOps, or DevOps.

Source: cisco.com

Continue reading

Cisco Catalyst 9200CX Series switches now in Compact size

Hybrid work has become prevalent everywhere and it is here to stay. It is important for your network to be able to handle business demands more efficiently and remotely. This is especially emphasized in extended small enterprise and campus locations. Cisco Catalyst 9200 Series switches offer trusted network capabilities, with more flexibility, energy efficiency, and ease.

Hybrid work extended

Just 2 or 3 years ago, you probably didn’t even know what it was like to do hybrid work outside of the office. Now, you cannot imagine doing your job without it. You can be working in the office, or hybrid working in a café, with a nice breeze, reviewing security anomalies.

Hybrid work is a reality and connectivity needs are changing every day. In some cases, deployments are temporary installations or have smaller more efficient requirements. You need a versatile network that is predictable and not just in the small branch offices but also extended onto your campus and temporary settings. You need this network to make your hybrid work, work. All of these needs are addressed by the trusted and powerful backend infrastructure the Cisco Catalyst 9000 switches can deliver.

Connect with flexibility

Cisco has been focused on delivering products to support hybrid work. Cisco offers more flexibility in network deployments with more power density per size at a lower cost, efficient power options, and secure Zero Trust networks to simplify IT jobs.

Imagine a switch that offers PoE (Power over Ethernet) so you can connect more power-hungry devices like laptops, monitors, lighting, HVAC, and refrigerators into a previously siloed network, therefore enabling more flexibility for secure hybrid networks. All this can be supported with the Cisco Catalyst 9200 Series switches. It allows you to work more flexibly, more confidently, remotely, and in small business branches and campuses, extending your hybrid work environments.

Efficient Smart Buildings

Energy efficiency impacts the bottom line and is environmentally friendly – so it is a win-win in your operations. PoE ports bring switches closer to the endpoints while facilitating efficient power usage and consolidated networks. This is especially practical in smart buildings to provide sustainable and healthier spaces to meet the demands of hybrid work.

The Catalyst 9200 Series switches, with Class 6 Power PoE devices, can offer efficiencies, from less power consumption to reducing power losses on some models.

Lower energy bills AND help the planet without compromising your connectivity. Yes, please!

Connect with ease to ‘set it and forget it’

IT teams love the Catalyst 9200 switches because of features like Zero-Touch Provisioning (ZTP) and flexible power options. ZTP is a ‘must have’ feature for small branches where IT teams can automatically set up devices using a switch feature – and eliminate most of the manual labor and travel expenses associated with branch upkeep.

Executive-level C-Suite decision makers love Catalyst 9200 Series switches because they are predictable and can help to reduce costs so lean IT teams can ‘set it and forget it’ when doing out-of-the-box installations at small branches and other sites.

What else is new?

The Cisco Catalyst 9200CX compact models extend their Layer 3 network access with all the features of the Catalyst 9200 Series switches, plus even more flexibility with its smaller size, and more energy-efficient fanless operation. The smaller footprint and quieter fanless design mean the switch can go in more places where other switches cannot, such as under desks, in closets, on the wall, and at the checkout counter for retail point of sale (POS) installations.

More use-cases include locations that are easy to set up and easy to dismantle, such as ATM rentals, small office home offices (SOHO), extended hospitals, mobile clinics, classrooms, cruise ships, sports games, festivals, events, and pop-up kiosks.

One quick look and you will notice something different about the Catalyst 9200CX models. The enclosure is designed to reduce the costs of cooling and be more environmentally friendly.

Additional Key Benefits of Catalyst 9200CX

◉ Naturally cooled fanless operation

◉ Multiple port choices with incredible speeds, some uplinks increase from 1G to 10G

◉ AC/DC power convergence with increased power efficiencies and reduced conversion losses

◉ Zero Trust security with policy-based segmentation, for less downtime

◉ Built-in micro-SSD (Solid State Drive) card slot for the “offline” setup

Source: cisco.com

Continue reading

Autonomous Operations in Mining

Trend Overview

By the end of 2021, Caterpillar has hauled more than 4 billion tons of product and driven more than 145 million kilometers autonomously. As an aside, that’s the distance of a round trip to Mars. Autonomous technology is mature.

Perhaps haulage is the simplest of all autonomous problems to solve and has the most significant return on investment. In 2017, Rio Tinto identified that in one year, each of their autonomous trucks had 700 more production hours than an average conventional truck. Autonomous trucks are 15% less expensive to operate and generate up to 30% more productivity.

With these substantial benefits, you would think mines would be trending to full autonomy. Here are a two of the most significant challenges.

Reliable wireless coverage everywhere

Reliable and pervasive wireless access to the autonomous system is critical for all elements of an autonomous environment. For the haulage use case, the path of haul trucks is well defined and only covers a small percentage of a full mine. Coverage in that well defined region is much less costly than full and reliable coverage of a mine.

Use cases like autonomous dozing, autonomous operation of service vehicles, and other systems could be anywhere in the mine.

Reliable instrumentation and control software

In the Caterpillar example above, all the critical components are controled by Caterpillar. Most new Caterpillar equipment can be bought with all the sensors and actuators required for autonomous operation. Cat Command is the autonomous system that coordinates all the vehicles in the autonomous zone. Even vehicles that are not Caterpillar need to be fitted with Cat Command software so they can be seen in the autonomous system.

In today’s mine there are numerous vehicles, gauges, valves, and measurement points that are not connected and may not even have the sensors required for autonomous operation.

Every mining company needs to make a business decision about which processes or activities should become autonomous in their mines.

Industry POV

Cisco’s infrastructure solutions are a critical part of an autonomous mining solution. Here are a two practical ways that Cisco technology makes autonomous projects more successful.

Reliable wireless coverage

Cisco Wifi was the early favorite for wireless connectivity to autonomous trucks. Caterpillar and Sandvik have done extensive testing with Cisco wifi and continue to support this technology. Since then, many mining companies have started testing and deploying LTE in hopes that it will provide broader mine coverage at a similar price point and provide more consistent connectivity. Now, Cisco is starting to see an increase in its Ultra Reliable Wireless for autonomous use cases as well, mostly because of its price point and very high reliability.

The important consideration Is that Cisco has solutions in all three of these technologies for autonomous operation in an integrated architecture.

Broad instrumentation partnerships

The culture at Cisco is one of partnership. These companies include autonomous system providers, instrumentation vendors, analytics platforms, and numerous other technologies that provide a platform for autonomy.

Although haulage solutions are usually self contained systems with very few outside elements, other autonomous systems will likely have a lot more diversity in their sensors, actuators, software and analytics. This approach will require a rich ecosystem of partners like the one that Cisco operates in.

Source: cisco.com

Continue reading

Our future network: insights and automation

Insights and automation will power our future network. Think of it as a circular process: collect data from network infrastructure. Analyze it for insights. Share those insights with teams to help them improve service. Use the insights to automatically reprogram infrastructure where possible. Repeat. The aim is to quickly adapt to whatever the future brings—including new traffic patterns, new user habits, and new security threats.

Now I’ll dive into more detail on each block in the diagram.

Insights

Data foundation. Good insights can only happen with good data. We collect four types of data:

◉ Inventory data for compliance reporting and lifecycle management

◉ Configuration data for audits and to find out about configuration “drift”

◉ Operational data for network service health monitoring

◉ Threat data to see what parts of our infrastructure might be under attack—e.g., a DDoS attack on the DMZ, or a botnet attack on an authentication server

Today, some network data is duplicated, missing (e.g., who authorized a change), or irrelevant. To prepare for our future network, we’re working to improve data quality and store it in centralized repositories such as our configuration management database.

Analytics. With a trusted data foundation, we’ll be able to convert data to actionable insights. We’re starting by visualizing data—think color-coded dials—to make it easier to track key performance indicators (KPIs) and spot trends. Examples of what we track include latency and jitter for home VPN users, and bandwidth and capacity for hybrid cloud connections. We’re also investing in analytics for decision support. One plan is tracking the number of support tickets for different services so we can prioritize the work with the biggest impact. Another is monitoring load and capacity on our DNS infrastructure so that we can automatically scale up or down in different regions based on demand. Currently, we respond to performance issues manually—for instance, by re-routing traffic to avoid congestion. In our future network we’ll automate changes in response to analytics. Which leads me to our next topic: automation.

Automation

Policy and orchestration. February 2022 marked a turning point: we now fulfill more change requests via automation than we do manually. As shown in the figure, we automatically fulfilled more than 7,500 change requests in May 2022, up from fewer than 5,000 just six months earlier. Examples include automated OS upgrades with Cisco DNA Center Software Image Management (SWIM), compliance audits with an internally developed tool, and daily configuration audits with an internal tool we’re about to swap out for Cisco Network Services Orchestrator. We have strong incentives to automate more and more tasks. Manual activities slow things down, and there’s also the risk that a typo or overlooked step will affect performance or security.

In our future network, automation will make infrastructure changes faster and more accurate. Our ultimate goal is a hands-off, AIOps approach. We’re building the foundation today with an orchestrator that can coordinate top-level business processes and drive change into all our domains. We are working closely with the Cisco Customer Experience (CX) group to deploy Business Process Automation solution. We’re developing workflows that save time for staff by automating pre- and post-validation and configuration management. The workflows integrate with IT Service Management, helping us make sure that change requests comply with Cisco IT policy.

Release management. In the past, when someone submitted a change request one or more people manually validated that the change complied with policy and then tested the new configuration before putting it into production. This takes time, and errors can affect performance or security. Now we’re moving to automated release pipelines based on modern software development principles. We’re treating infrastructure as code (IaC), pulling device configurations from a single source of truth. We’ve already automated access control list (ACL) management and configuration audits. When someone submits a change to the source of truth (typically Git), the pipeline automatically checks for policy compliance and performs tests before handing off the change for deployment.

The Road Ahead

To sum up, in our future network, the only road to production is through an automated pipeline. Automation helps us adapt more quickly to unexpected change, keeps network configuration consistent worldwide, and reduces the risk of errors. We can’t anticipate what changes our business will face between now and 2025—but with insights and automation, we’ll be able to adapt quickly.

Source: cisco.com

Continue reading

Get Brilliant Results by Using Cisco 700-760 ASAEAM Practice Test

Cisco 700-760 ASAEAM Exam Description:

The Advanced Security Architecture Express for Account Managers (ASAEAM 700-760) is a 90-minute exam for the required knowledge across the Cisco Security portfolio for a registered partner organization to obtain the Security specialization in the AM role.

Cisco 700-760 Exam Overview:

• Exam Name- Cisco Security Architecture for Account Managers
• Exam Number- 700-760 ASAEAM
• Exam Price- $80 USD
• Duration- 90 minutes
• Number of Questions- 55-65
• Passing Score- Variable (750-850 / 1000 Approx.)
• Recommended Training- Cisco SalesConnect
• Exam Registration- PEARSON VUE
• Sample Questions- Cisco 700-760 Sample Questions
• Practice Exam- Cisco Security Architecture Practice Test

Cisco 700-760 Exam Topics:

1. Threat Landscape and Security Issues- 20%
2. Selling Cisco Security- 15%
3. Customer Conversations- 15%
4. IoT Security- 15%
5. Cisco Zero Trust- 15%
6. Cisco Security Solutions Portfolio- 20%

Continue reading

People: A cornerstone for fostering security resilience

Security resilience isn’t something that happens overnight. It’s something that grows with every challenge, pivot and plot change. While organizations can invest in solid technology and efficient processes, one thing is critical in making sure it translates into effective security: people.

What impact do people have on security resilience? Does the number of security employees in an organization affect its ability to foster resilience? Can a lower headcount be supplemented by automation?

In a world where uncertainty is certain, we recently explored how people can contribute to five dimensions of security resilience, helping businesses weather the storm.

Through the lens of our latest Security Outcomes Study – a double-blind survey of over 5,100 IT and security professionals – we looked at how people in SecOps teams can influence organizational resilience.

Strong people = successful security programs  

SecOps programs built on strong people, processes and technology see a 3.5X performance boost over those with weaker resources, according to our study. We know that good people are important to any organization, and they are fundamental to developing capable incident response and threat detection programs.

Why are detection and response capabilities important to look at? Because they are key drivers of security resilience. In the study, we calculated a ratio of SecOps staff to overall employees for all organizations. Then, we compared that ratio to the reported strength of detection and response capabilities.

Effect of security staffing ratio on threat detection and incident response capabilities

What we can clearly see is that organizations with the highest security staffing ratios are over 20% more likely to report better threat detection and incident response than those with the lowest. However, the overall average highlights that organizations not on the extreme ends of the spectrum are more likely to report roughly equal levels of success with SecOps — indicating that headcount alone isn’t a sure indicator of an effective program or resilient organization. It can be inferred that experience and skills also play a pivotal role.

Automation can help fill in the gaps

But what about when an organization is faced with a “people gap,” either in terms of headcount or skills? Does automating certain things help build security resilience? According to our study, automation more than doubles the performance of less experienced people.

Effect of staffing and automation strength on threat detection and incident response capabilities

In the graph above, the lines compare two different types of SecOp programs: One without strong people resources, and one with strong staff. In both scenarios, moving to the right shows the positive impact that increasing automation has on threat detection and incident response.

Out of the survey respondents, only about a third of organizations that lack strong security staff, and don’t automate processes, report sound detection and response.

When one of three security process areas (threat monitoring, event analysis, or incident response) is automated, we see a significant jump in capability among organizations that say their tech staff isn’t up to par. Automating two or three of these processes continues to increase strength in detection and response.

Why does this matter? Because over 78% of organizations that say they don’t have adequate SecOps staffing resources still report that they are able to achieve robust capabilities through high levels of automation.

A holistic approach to security resilience

When it comes to security resilience, however, we have to look at the whole picture. While automation seems to increase detection and response performance, we can’t count people out. After all, over 95% of organizations that have a strong team AND advanced automation report SecOps success. Organizations need to have the right blend of people and automation to lay the foundation for organization-wide security resilience.

As your business continues to look towards building a successful and resilient SecOps program, figuring out how to utilize your strongest staff, and where to best employ automation, will be a step in the right direction.

Source: cisco.com

Continue reading