Thursday, 5 January 2023

Maximize Network Wide License Utilization with Smart Licensing

How can you accurately track software licenses being consumed across your network and where? Smart licensing is the solution!

Smart licensing was created to simplify the customer experience and provide greater insight into software license ownership and consumption. It establishes a pool of licenses that can be used across your entire organization in an automated manner.

What is smart licensing?


Smart licensing is a flexible software licensing model that simplifies the way you activate and manage licenses across your organization. The smart licensing model makes it easier to procure, deploy, and manage your Cisco software licenses.

Smart licensing eliminates the need for PAK licenses and allows licenses to be easily shared across devices in the same organization. It also gives you the flexibility to use only what you need when you need it.

Cisco Tutorial and Materials, Cisco Career, Cisco Skill, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Guides

Why should I use smart licensing?


In today’s world, license portability and a flexible consumption model offer you the capability and flexibility to purchase software capacity as needed. This decreases OpEx and can eliminate stranded licenses. When installing high-density line cards or high-capacity fixed chassis, you don’t always need the full capacity of the hardware from day one and a simplified management tool allows you to fully utilize licenses and the dollars you spend.

Customer Needs IOS XR Flexible Consumption Model (FCM)
Customers want strategic partners who can provide commercial offers permitting them to pay incrementally to expand capacity as demand for their consumer and business services rises.   FCM is a pay-as-you-grow model which enables customers to invest in the network capacity as demand grows. Having this ability to add capacity as and when needed helps customers with their network and capacity planning.
Customers want investment protection with the portability of software across hardware resources to meet demand across any one of their markets.   FCM has a subscription component which includes software portability. This provides investment protection by enabling porting of licenses to next-generation hardware when a customer is ready.
Customers want a software license management experience that enables porting of licenses across the corporation to shift capacity to markets in demand.   FCM permits service providers to pool software licenses and lower initial investments required to incubate new services.

Flexible consumption model benefits using smart licensing

◉ Simplify operations. Two software suites, Essentials Software and Advantage Software, simplify license management while still providing the carrier-class Cisco IOS XR Software feature set.

◉ License pooling: You can efficiently share licenses network-wide with license pooling. This solution improves capacity planning by eliminating “stranded capacity” as you can use available capacity wherever needed in the IOS XR Flexible Consumption Model network. In this manner, you can potentially utilize your capital budgets to consume software innovations in IOS XR.

◉ Software upgrades: Software upgrades provide access to new features and enhancements to existing features.

◉ Software portability: Software portability provides investment protection by enabling porting of licenses to next-generation hardware when you’re ready. During decommissioning of hardware and transitioning to next generation hardware, you retain the ability to not decommission the investment in the software, and instead, port it to a newer hardware provided all necessary conditions are met.


Cisco Tutorial and Materials, Cisco Career, Cisco Skill, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Guides

Flexible consumption model and smart licensing are supported on the following products:

◉ Access – NCS 540, NCS 560
◉ Edge – ASR 9000
◉ Core – NCS 5500, NCS 5700, and 8000 Series routers

The flexible consumption model requires Cisco Smart Licensing registration and license usage reporting. A network under IOS XR FCM is considered compliant if the FCM-enabled devices in your network are registered to smart licensing and are reporting the usage. Starting from IOS XR 7.3.1, major and minor XR software upgrades will only be available once you’ve registered the devices and aren’t using more licenses than what was purchased. The registration process is a simple one-time event that can be automated using Cisco EZ-Register, an open-source solution.

Source: cisco.com

Tuesday, 3 January 2023

Security Resilience in the Americas

The past couple of years have brought security resilience to the forefront. How can organizations around the world build resilience when uncertainty is the new normal? How can we be better prepared for whatever is next on the threat horizon? When threats are unpredictable, resilient security strategies are crucial to endure change when we least expect it.

In a previous blog post, we assessed security resilience in Europe, Middle East, and Africa (EMEA). Now, we take a look at organizations in the Americas to find out how they fare across four security outcomes that are critical for building resilience, based on findings from Cisco’s latest Security Outcomes Study. These outcomes include:

1. Keeping up with the demands of the business
2. Avoiding major security incidents
3. Maintaining business continuity
4. Retaining talented personnel

Country-level security performance


Based on the following chart, clear differences emerge when we examine these outcomes at the country level. The chart shows the proportion of organizations in each country that are reportedly “excelling” in the four outcomes contributing to security resilience.

What we see is that 52.7% of organizations in Colombia, for example, say their security programs are excelling at keeping up with the business, while only 35.3% report that they are excelling at avoiding major incidents. You can follow each country’s path through the four outcomes to see how they view their respective performance in certain areas.

Security Resilience in the Americas, Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Guides
Country-level comparison of reported success levels for security resilience outcomes

What’s really at the crux of these differences in security resilience among countries? Is Colombia that much more resilient than Mexico? Do organizations in different countries have varying definitions of what resilience is, and how they perceive their success? Reasons behind these country-level differences can be attributed to a variety of things, including security maturity, cultural factors and other organizational parameters.

How to improve resilience


Knowing what we know about how organizations across the Americas view their resilience, how can they improve it? The Security Outcomes Study, Volume 2, sheds some light here. In the study, we uncovered five practices proven to boost overall success in security programs, dubbed as the Fab Five:

1. A proactive tech refresh strategy
2. Well-integrated tech
3. Timely incident response
4. Prompt disaster recovery
5. Accurate threat detection

So, how did countries in the Americas rank their implementation of these Fab Five practices? If we look at Colombia, for example, 64% of organizations say their capabilities for accurate threat detection are strong, while only 48.1% of Canadian organizations say the same. There is a lot of movement around the top three countries: Colombia, Mexico and Brazil. The U.S. ranks fourth consistently across the board.

Security Resilience in the Americas, Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Guides
Country-level comparison of reported success levels for five leading security practices

You may be wondering if implementing these five security practices improved resilience across organizations in the Americas. Our study found that organizations in the Americas that do not implement any of these five practices rank in the bottom 25% for resilience, whereas those that reported strength in all five practices rose to the top 25%.

Security Resilience in the Americas, Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Guides
Effect of implementing five leading security practices on overall resilience score

Staying strong in the face of change


Resilience is a cornerstone of cybersecurity. The ability to quickly pivot while maintaining business continuity and robust defenses is increasingly important in today’s world.

Source: cisco.com

Saturday, 31 December 2022

Get Hands-on in the Cisco Crosswork Automation Sandbox

Cisco Crosswork Network Automation is a microservices platform that brings together streaming telemetry, big data, and model-driven application programming interfaces (APIs) to redefine how service providers conduct network operations. Cisco Crosswork Network Automation offers a platform to collaborate, and build an application ecosystem around on-box innovation.

The Cisco Crosswork Network Automation product suite is a highly scalable and efficient operations automation framework. It enables service providers to quickly deploy intent-driven, closed-loop operations. You can plan, implement, run, monitor, and perfect your service provider network automation, and gain mass awareness, augmented intelligence, and proactive control for data-driven, outcome-based network automation.

Streamline Network Operation Processes


Automation plays a significant role in helping organizations move more quickly by streamlining operational processes such as:

◉ Executing workflows at machine speed with high operational efficiency and repeatable quality
◉ Bridging and synchronizing business and Information Technology (IT) processes to cut gaps and improve customer experience
◉ Supplying analytics to improve decision-making and shorten fault resolution times

Lab, Test, and Build in the New Sandbox


Now you can lab, test and build with the new Cisco Crosswork Automation Sandbox. This new sandbox lets you:

◉ Monitor key performance indicators (KPIs) in real time
◉ Prepare network changes triggered by changes in KPIs
◉ Roll out these changes automatically
◉ Automated change-impact and security analysis

Cisco Certification, Cisco Career, Cisco Skills, Cisco Jobs, Cisco Tutorial and Materials, Cisco Prep, Cisco Preparation

Production Crosswork Suite within the Sandbox


You will find a “production” Crosswork suite deployed to manage the multi-platform network within the sandbox lab. This network is made up of:

◉ Cisco Crosswork cluster
◉ Cisco Crosswork Data Gateway (CDG)
◉ Cisco Network Service Orchestrator (NSO)
◉ Cisco IOS XE/XR routers

Included in the sandbox is a new use case which will help understanding the Applications of Health Insights and Change Automation.  In this scenario, we want to showcase how to attach and detach the devices from Crosswork Data Gateway (CDG). As a part of the scenario, we will also showcase how to change the credentials at the device level.

Cisco Certification, Cisco Career, Cisco Skills, Cisco Jobs, Cisco Tutorial and Materials, Cisco Prep, Cisco Preparation

◉ Scenario 1: Device Level Management: Showcase how to attach and detach the devices from Crosswork Data Gateway (CDG). As a part of the scenario, we will also highlight how to change the credentials at the device level

◉ Scenario 2: Health Insights Application Overview: See how Cisco Crosswork Health Insights offers real-time, telemetry-based Key Performance Indicator (KPI) monitoring and intelligent alerting.

◉ Scenario 2A: Create and enable KPI profiles: In this scenario, KPIs are provisioned on IOS-XR devices via a KPI Profile. The KPIs can be either GNMI, MDT, or SNMP protocol based. We can then enable the KPIs and verify that the respective data are being collected and visually presented on Health Insights

◉ Scenario 3: Network Automation Application Overview Learn how to codify workflows using parameterized Plays and stitch them into Playbooks for execution in a step-by-step or single-step fashion.

◉ Scenario 3A: Playbook execution. Now we have our code, let us define an automation task to achieve the intended network states in Change Automation using Playbooks

Source: cisco.com

Thursday, 29 December 2022

The 3 Ps for Partner Managed Services: Platform, Preference, and Performance

In case you missed Partner Summit last week, we just want to reiterate: your customers heavily prefer to consume technology as managed outcomes!

We are full steam ahead in supporting our credo The Age of the Partner where vendors, partners, and customers all work together with a consistent set of strategic business imperatives rather than disparate technology stacks. The time is now, and the path forward is through the continued relationship we have built with our partners. Success in this new age of digital transformation necessitates collective evolution, both for Cisco and our partners.

Our strategy for success, guiding our evolution in Partner Managed Services, is centered on our 3 Ps: Platform, Preference, and Performance.

Cisco Certification, Cisco Career, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides, Cisco Skills, Cisco Job

While we introduced this virtually at Partner Summit 2021, we’ve matured it considerably since then and would like to update our partner community on how we are employing this strategy to successfully deliver for our partners in this new age.

Platforms


Our strategy starts by making sure our platforms are capable of best-in-class managed services delivery for partners across Cisco’s architectures. We appreciate there are key technological capabilities partners need to select a technology as a managed services delivery platform:

Cisco Certification, Cisco Career, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides, Cisco Skills, Cisco Job

◉ Telemetry to feed into your Operational Support Systems
◉ Operational capabilities like single sign-on and role-based access control to deliver cost effectively at scale
◉ APIs that enable workflow automation for billing, provisioning, and reconciliation
◉ User Interfaces that provide intuitive and compelling provider operations and end-user experiences
◉ Integrations with leading systems like ServiceNow, Snow, and ConnectWise

MVPR

Our Partner Managed Services team has collaborated with key engineering teams within Cisco to develop a framework designed to articulate these technological requirements through an internal scorecard approach that we coined Minimal Viable Partner Requirements or MVPR. This framework facilitates an open, bidirectional, and iterative dialog with product engineering to form the basis of assessing and developing the technology and the Platform that orchestrates and manages it to meet Provider Partner expectations.

Partner Managed Ready Offer Catalog

We then add to the Platform the elements our Provider Partners need to build managed services with plenty of room to differentiate based on target segments, intellectual property, commercial terms, and/or the type of experience they want to deliver. Our Partner Managed Offer Management team coordinates content and tools aimed to address key care-abouts of core MSP functions:

◉ Product Management needs example service descriptions, market pricing, aligned buying programs and business case tools.

◉ Service Delivery requires Standard Operating Procedure (SOP) templates, lab environments, and technical training.

◉ Sales benefits from playbooks and positioning decks.

◉ Marketing uses messaging blocks and templated digital marketing assets.

◉ Customer Success leverages API guided for adoption measurements and user guides to enable customers on using the higher-value functions.

◉ Operations requires ordering guides and license management guides to support their role.

These are some of the assets we bring to our partners to help them move faster and be more successful with service creation and go-to-market than if Cisco just sold them technology and expected them to figure it out.

A few examples of Partner Managed Ready Offers from our catalog include:

◉ Managed SD-WAN powered by Viptela and/or by Meraki, enables partners to securely interconnect branches, campuses, data centers, and multi-cloud environments.

◉ Managed SASE allows partners to build on their cloud-delivered virtual fabric and intersect secure access for users and devices by delivering policy controlled secure access to applications and networks.

◉ Managed Webex Collaboration provides a cloud-hosted, video-centric, unified collaboration solution which can be delivered over service provider partner networks and is backed by partner managed services to enable and enrich work in a post-pandemic era.

◉ Managed Hybrid Cloud allows partners to deliver application environments that feel like the public cloud but reside where customers want, and often at much better long-term economics, blending cloud-like cost efficiencies with on-premises performance and security.

Preference


We recognize the need to simply the partner experience, and we are working hard to earn your preference as your managed services technology partner daily.

This starts by offering you choice and flexibility across two software buying programs designed specifically for managed service practices.

Managed Services Buying Programs
The first, Managed Services Enterprise Agreement (MSEA), is built on our standard Enterprise Agreement construct, but with MSEA, the partner owns the entitlement and controls the terms with their customers. Partners can enable as-a-Service packaging while getting all EA benefits like True Forward and great Cisco field alignment.

Cisco’s Managed Service License Agreement (MSLA) accounts for variable scale, seasonal demand, and dynamic user counts by providing post-paid utility-like consumption for 17 Cisco software products and growing. This enables additional flexibility for partners and their customers to address multiple business needs across different scenarios.

Payment Solutions Portfolio
We also offer a rich portfolio of payment solutions to help with business concerns and those “good problems” that come with success like cash flow, credit lines, environmental and sustainability targets, and cost-to-revenue alignment as partners continue to grow their managed services practices:

◉ Total technology: Cisco Easy Pay, Cisco Lifecycle Pay
◉ Software: Cisco Enterprise Agreement (EA) Pay, Cisco Partner Pay
◉ Services-focused: Cisco Multi-Year Services Pay – Attach and Renew, Cisco Partner Pay
◉ Consumption: Cisco+ Hybrid Cloud, Cisco Open Pay
◉ Circular IT: Cisco Green Pay, Cisco Lifecycle Pay, Cisco Lifecycle Pay for Secure Firewall

Additionally, we have reinvented the partner-led sales model for the Age of the Partner through our Partner Managed Success Framework:

Cisco Certification, Cisco Career, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides, Cisco Skills, Cisco Job

1. Offer Development begins with the development of a compelling partner managed offer that enables our Provider Partners to address market opportunities with great technology and the content and tools needed for success by key partner roles

2. Partner Engagement allows us to assess and analyze if a particular opportunity is aligned to both Cisco and our partner, or we may collaborate to determine which of several opportunities to pursue

3. Service Creation occurs when a partner formally builds a new service with Cisco support in the form of templates, best practices, cutting edge market research, and best-in-class expertise

4. Sales Acceleration gives us an opportunity collaborate on sales campaigns with potential support via Cisco Provider Market Development Funds (MDFs)

5. Sales Execution provides access to a seasoned team of sales capture professionals to help our partners with operationalizing and scaling sales pipelines

6. Partner Success provides touch points along the lifecycles to help partners strengthen customer value across the lifecycle, find adjacent opportunities, and prepare for renewals

Performance


Performance is the transformation throttle. Cisco is continually looking at the opportunity and determining how we can best help accelerate the pace of partner success. We are incentivizing partners for growth in strategic areas, backed by industry-leading market research, using the Provider role of the Partner Program as the value exchange fulcrum.

Cisco Certification, Cisco Career, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides, Cisco Skills, Cisco Job

Over the past two years, we’ve evolved the Cisco Partner Program substantially by simplifying over a dozen programs into a single, flexibly structured program centered on delivering value to customers. Partners can participate in one or more roles—Integrator, Developer, Advisor, and Provider —each at whatever level fits your business: Select, Premier, or Gold. Additionally, we have focused on aligning our Cisco Powered Services with our Partner Managed Ready Offers and evolving our benefits to suit the Age of the Partner.

We’re working hard to evolve our approach to this critical RTM to give partners a full arsenal of tools to succeed with their managed services practices. As the market evolves, Cisco is evolving and bringing our partners alongside, so no one gets left behind. Our belief is that by bringing these three elements – Platform, Preference and Performance – to bear simultaneously, we’re poised for mutual success in a very bright future. Let’s own it together!

Source: cisco.com

Tuesday, 27 December 2022

Cisco SD-WAN Fabric is SecOps New Best Friend

In this post, we will delve into new capabilities and integrations into the Cisco SD-WAN fabric that provides specific capabilities that support security operations persona.

The Cisco SD-WAN fabric, with all its existing rich security capabilities, enables the convergence of a two-box approach to secure the branch into a single-box solution. From a management perspective, Cisco vManage controller enables a seamless and converged experience for both the networking and security aspects of the SD-WAN fabric. However, the requirements from security professionals to manage the threats and risks in the enterprise are evolving as applications and the workforce become more distributed. To accommodate these changes, the Cisco SD-WAN secure fabric is being enhanced in multiple dimensions to cater to the more specific operational requirements of the SecOps persona.

An SD-WAN Dashboard Tailored for SecOps


Recent innovations in Cisco SD-WAN enable the secure fabric’s WAN functions to be managed by the networking operations team while the security functions are managed by the security operations team. In addition to a NetOps persona, a new SecOps persona is available in Cisco vManage controller. Logging into the controller, the SecOps persona is presented with a security-focused dashboard and management privileges so that the security administrator can quickly gain a comprehensive understanding of the security health of the network. From a management perspective, the SecOps persona will be able to create and associate security policies to specific sites and VPNs in the SD-WAN fabric. SecOps persona will also be able to view SD-WAN operational statistics, but will not be able to create SD-WAN-specific routing policies and configurations.

Security-Focused Visibility for Troubleshooting SD-WAN Fabrics


Logging for the purpose of visibility and troubleshooting is a critical requirement for security persona to be able to defend the far-reaching WAN fabric. The Cisco SD-WAN router generates comprehensive logs for all the security and connection events detected in the SD-WAN router. These logs can be consumed, parsed, and analyzed in real-time by Security Information and Event Management (SIEM) systems to drive timely security remediations, or stored for long-term historical reference. The security event logs are stored in Cisco Secure Analytics and can be filtered and visualized on Cisco Defense Orchestrator (CDO).

Cisco SD-WAN Fabric, SecOps, Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides, Cisco Certification
Figure 1. Intrusion Event Logging for SD-WAN Security Persona

In addition, Cisco is partnering with Splunk to enable visualization and analysis of the security and connection-related logs generated from SD-WAN. The Cisco SD-WAN application ingests logs from SD-WAN routers and presents actionable security analytics on a pre-populated dashboard. Example uses cases enabled by the Splunk integration for the security operations persona are:

◉ A holistic view of all the security events captured by the SD-WAN security stack.
◉ Ability to examine any security event at the device level along with traffic patterns occurring when the security event was triggered.

The Cisco SD-WAN Splunk Integration consists of two components:

◉ Cisco SD-WAN Add-on for Splunk – Add-ons are used for data optimization and collection processes. Cisco SD-WAN Add-on for Splunk collects a range of Cisco Logs Data and NetFlow Data and stores them in Splunk indexes.
◉ Cisco SD-WAN App for Splunk – Using data from the Add-On, the Cisco SD-WAN App presents dashboards for Cisco Logs and NetFlow Data with detailed visualization, analysis, and representation.

Cisco SD-WAN Fabric, SecOps, Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides, Cisco Certification
Figure 2. Cisco SD-WAN App for Splunk Provides SecOps with Increased Visibility into Threats

Cisco SD-WAN Fabric, SecOps, Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides, Cisco Certification
Figure 3. Cisco SD-WAN App for Splunk Provides Detailed Threat Visibility

SecOps Can Rely on Cisco SD-WAN Secure Fabric


There is an abundance of security features in the Cisco SD-WAN fabric now that will become invaluable to SecOps, whether they are hunting for intrusions, assigning security permissions, or detecting threats. Cisco SD-WAN is always evolving to make managing networks simpler and more secure, even as the scale of networks continues to scale and threats increase in complexity.

Source: cisco.com

Saturday, 24 December 2022

Cisco Joins the Launch of Amazon Security Lake

The Cisco Secure Technical Alliance supports the open ecosystem and AWS is a valued technology alliance partner, with integrations across the Cisco Secure portfolio, including SecureX, Secure Firewall, Secure Cloud Analytics, Duo, Umbrella, Web Security Appliance, Secure Workload, Secure Endpoint, Identity Services Engine, and more.

Cisco Secure and AWS Security Lake


We are proud to be a launch partner of AWS Security Lake, which allows customers to build a security data lake from integrated cloud and on-premises data sources as well as from their private applications. With support for the Open Cybersecurity Schema Framework (OCSF) standard, Security Lake reduces the complexity and costs for customers to make their security solutions data accessible to address a variety of security use cases such as threat detection, investigation, and incident response. Security Lake helps organizations aggregate, manage, and derive value from log and event data in the cloud and on-premises to give security teams greater visibility across their organizations.

With Security Lake, customers can use the security and analytics solutions of their choice to simply query that data in place or ingest the OCSF-compliant data to address further use cases. Security Lake helps customers optimize security log data retention by optimizing the partitioning of data to improve performance and reduce costs. Now, analysts and engineers can easily build and use a centralized security data lake to improve the protection of workloads, applications, and data.

Cisco Secure Firewall


Cisco Secure Firewall serves as an organization’s centralized source of security information. It uses advanced threat detection to flag and act on malicious ingress, egress, and east-west traffic while its logging capabilities store information on events, threats, and anomalies. By integrating Secure Firewall with AWS Security Lake, through Secure Firewall Management Center, organizations will be able to store firewall logs in a structured and scalable manner.

eNcore Client OCSF Implementation


The eNcore client provides a way to tap into message-oriented protocol to stream events and host profile information from the Cisco Secure Firewall Management Center. The eNcore client can request event and host profile data from a Management Center, and intrusion event data only from a managed device. The eNcore application initiates the data stream by submitting request messages, which specify the data to be sent, and then controls the message flow from the Management Center or managed device after streaming begins.

Cisco Security, Cisco Career, Cisco Skills, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides

These messages are mapped to OCSF Network Activity events using a series of transformations embedded in the eNcore code base, acting as both author and mapper personas in the OCSF schema workflow. Once validated with an internal OCSF schema the messages are then written to two sources, first a local JSON formatted file in a configurable directory path, and second compressed parquet files partitioned by event hour in the S3 Amazon Security Lake source bucket. The S3 directories contain the formatted log are crawled hourly and the results are stored in an AWS Security Lake database. From there you can get a visual of the schema definitions extracted by the AWS Glue Crawler, identify fieldnames, data types, and other metadata associated with your network activity events. Event logs can also be queried using Amazon Athena to visualize log data.

Get Started


To utilize the eNcore client with AWS Security Lake, first go to the Cisco public GitHub repository for Firepower eNcore, OCSF branch.

Cisco Security, Cisco Career, Cisco Skills, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides

Download and run the cloud formation script eNcoreCloudFormation.yaml.

Cisco Security, Cisco Career, Cisco Skills, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides

The Cloud Formation script will prompt for additional fields needed in the creation process, they are as follows:

Cidr Block:  IP Address range for the provisioned client, defaults to the range shown below

Instance Type:  The ec2 instance size, defaults to t2.medium

KeyName  A pem key file that will permit access to the instance

AmazonSecurityLakeBucketForCiscoURI: The S3 location of your Data Lake S3 container.

FMC IP: IP or Domain Name of the Cisco Secure Firewall Mangement Portal

Cisco Security, Cisco Career, Cisco Skills, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides

After the Cloud Formation setup is complete it can take anywhere from 3-5 minutes to provision resources in your environment, the cloud formation console provides a detailed view of all the resources generated from the cloud formation script as shown below.

Cisco Security, Cisco Career, Cisco Skills, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides

Once the ec2 instance for the eNcore client is ready, we need to whitelist the client IP address in our Secure Firewall Server and generate a certificate file for secure endpoint communication.

In the Secure Firewall Dashboard, navigate to Search->eStreamer, to find the allow list of Client IP Addresses that are permitted to receive data, click Add and supply the Client IP Address that was provisioned for our ec2 instance.  You will also be asked to supply a password, click Save to create a secure certificate file for your new ec2 instance.

Cisco Security, Cisco Career, Cisco Skills, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides

Download the Secure Certificate you just created, and copy it to the /encore directory in your ec2 instance.

Cisco Security, Cisco Career, Cisco Skills, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides

Use CloudShell or SSH from your ec2 instance, navigate to the /encore directory and run the command bash encore.sh test

Cisco Security, Cisco Career, Cisco Skills, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides

Cisco Security, Cisco Career, Cisco Skills, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides

You will be prompted for the certificate password, once that is entered you should see a Successful Communication message as shown below.

Cisco Security, Cisco Career, Cisco Skills, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides

Run the command bash encore.sh foreground

This will begin the data relay and ingestion process. We can then navigate to the S3 Amazon Security Lake bucket we configured earlier, to see OCSF compliant logs formatted in gzip parquet files in a time-based directory structure. Additionally, a local representation of logs is available under /encore/data/* that can be used to validate log file creation.

Cisco Security, Cisco Career, Cisco Skills, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides

Amazon Security Lake then runs a crawler task every hour to parse and consume the logs files in the target s3 directory, after which we can view the results in Athena Query.

Cisco Security, Cisco Career, Cisco Skills, Cisco Prep, Cisco Tutorial and Materials, Cisco Guides

Source: cisco.com

Friday, 23 December 2022

Customer Journeys to the Cloud with Cisco and Amazon Web Services (AWS)

Charles Darwin once stated, “It is not the strongest of the species that survives, nor is it the most intelligent of the species that survives. It is the one that is the most adaptable to change.”

The cloud has become one of the key components of the digital transformation process. As a leading provider of hybrid cloud solutions, Cisco can provide customers with effective cloud transformation assistance. This blog explains how Cisco software solutions on AWS can assist customers at every stage of cloud transformation.

Cisco and AWS strategic partnership accelerates cloud transformation


Cisco and AWS have partnered to simplify and accelerate businesses’ journey to the cloud using Cisco software solutions on AWS. Those solutions simplify connectivity, security, and observability, helping customers address common cloud-based use cases.

The AWS marketplace currently offers a variety of selectable Cisco software solutions to cloud customers. Cisco supports AWS cloud customers throughout their cloud transformation journey, with most solutions being Software as a Service (SaaS). Cloud customers can use a number of these solutions to complete the cloud transformation process effectively.

AWS cloud framework for customers includes four stages


Let’s begin with a high level, conceptual view of the AWS Cloud Migration Framework. As shown in Figure 1, AWS offers their customers a four-stage cloud migration.

Figure 1  Four-Stage AWS Cloud Migration Framework

Cisco Exam Prep, Cisco Tutorial and Materials, Cisco Guides, Cisco Career, Cisco Skills, Cisco Job

Stage 1: Assess

The objective of this stage is to plan the cloud transformation by performing business case development, discovery of infrastructure and application components, and cloud planning.

Stage 2: Mobilize

This stage focuses on the preparation of cloud infrastructure components—including landing zones for application onboarding, landing zones, connectivity to the cloud, and security.

Stage 3: Migrate and Modernize

This stage involves either migrating the current applications to the cloud as they are or modernizing them to cloud-native services like microservices. This is done using any of the 7R customer migration methods: Repurchase, Re-architect, Re-factor, Re-host, Relocate, Retain, and Retire.

Stage 4: Operate and Optimize

In this final stage, the application will be operated on the cloud. Monitoring and optimizing cloud applications are among the steps taken during this stage.

Throughout their cloud transformation journeys, customers can select to use industry-leading solutions like Cisco software from AWS co-selling or the AWS marketplace, depending on their needs and requirements.

Cisco solutions support the cloud migration journey from beginning to end


As part of the AWS Cloud Migration Framework, Cisco cloud solutions pillars are mapped to each stage of the AWS cloud journey. Cloud Assess, Cloud Connect, Cloud Secure, Cloud Observe and Operate are included in this process. The diagram in Figure 2 below illustrates this in more detail.

Figure 2  Cisco Cloud Solutions Pillars

Cisco Exam Prep, Cisco Tutorial and Materials, Cisco Guides, Cisco Career, Cisco Skills, Cisco Job

The top half of Figure 2 illustrates the AWS Migration framework. In the lower half of the diagram, Cisco solutions pillars Assess, Connect (Cloud Connectivity), Secure (Cloud Security), and Observe and Operate (Cloud Observability) are mapped to the AWS Migration Framework. Additionally, it illustrates the use cases that are supported by Cisco’s solution pillars.

With Cisco solutions, customers can achieve secure cloud transformation


Known for its outstanding networking, security, and observability capabilities, Cisco solves customer challenges in the cloud by providing secure connectivity, securing the cloud, and providing full stack observability solutions with visibility into applications, infrastructures, and business metrics.

In any initial cloud phase, Cloud Planning and App Discovery are among the first use cases for the phases that verify and assess the cloud. Cisco Intersight Workload Optimizer (IWO) and AppDynamics (AppD) are the most commonly used tools to address those use cases.

Cisco supports the customer journey towards cloud adoption based on primarily on three key pillars–Cloud Connectivity, Cloud Security, and Cloud Observability–to ensure a safe, secure, and effective adoption of clouds. (See Figure 3.)

Figure 3  Cisco Solutions for Key Cloud Use Cases

Cisco Exam Prep, Cisco Tutorial and Materials, Cisco Guides, Cisco Career, Cisco Skills, Cisco Job

Cloud Connectivity: The Cisco Cloud Connectivity pillar includes a number of use cases–such as Multi-Cloud Connectivity, SASE, Hybrid Cloud SDN and WAN Insights –that enable customers to connect to the cloud successfully and securely, either from their data center or from the edge. In response to customer requirements, Cisco offers multiple solutions like Meraki SD-WAN, Viptela SD-WAN, Nexus Dashboard, and Cloud Network Controller. Those options help to connect and operate hybrid environments securely.

Cloud Security: A successful cloud journey requires foundational protection of the infrastructure, zero trust access (ZTA), application security, and secure services edge (SSE). Cisco offers a full range of security solutions for cloud transformations, including solutions specifically tailored to meet the needs of the customer. Those solutions ensure a secure cloud environment for the customer. There are a number of Cisco Secure Software portfolios, including Cisco Secure Firewall, Duo, Umbrella, Secure Workload, and many others.

Cloud Observability: In order to scale and reimagine applications and improve the user experience, observeability is a crucial element throughout the cloud journey. By utilizing AppD, ThousandEyes, and IWO, Cisco offers industry-leading solutions for Full Stack Observability, which help enable the customer to monitor hybrid and modern applications, provide a digital customer experience, map application dependencies, optimize hybrid costs, and optimize application resources.

In summary…


Due to its solution integration capabilities, Cisco is a one-stop shop for cloud customers when it comes to cloud networking, cloud security, cloud observability, and hybrid work. Cloud customers and partners can address those cloud use cases through Cisco software solutions like IWO, AppDynamics, ThousandEyes, Duo, Umbrella, Viptela SD-WAN, Meraki SD-WAN, Secure Firewall, Panoptica, Intersight Service Mesh Manager (SMM), and more. AWS offers those Cisco software solutions through their co-sell program and marketplace, leveraging their strategic partnership with Cisco.

Source: cisco.com