Thursday, 6 July 2023

Revolutionizing IOT to deliver an end-to-end solution

Cisco Certification, Cisco Career, Cisco Guides, Cisco Prep, Cisco Preparation

Recently I was looking for some research around IOT to assist our partners to understand the gravity of the market opportunity for the next decade.  According to IOT Analytics the IOT device market is growing by 16% right now. This IOT growth data is inspiring as we think about the tools, tech, and innovations we can offer to our customers and for our partners to bring new solutions and build opportunities to keep up pace with the pace of growth expected over the next decade.  All of this IOT device growth wouldn’t be possible without a great network, great wireless connectivity and great lifecycle planning from our partners, but there is more.  There is a need to address three major concerns we are seeing:

1. Complexity: is high with OT/IT and management of various systems, vendors and devices are is difficult to scale and manage. A great opportunity for our partner community to assist in this area.

2. Cybersecurity: IT teams don’t have visibility into what assets are connected in OT environments or what are the security risks. Partners have the opportunity to work with Cisco to secure infrastructure and manage all of the various unmanaged and unsecured devices.

3. Lack of Skilled Resources: Limited IT teams covering OT environments where it is hard to securely and efficiently managed connected assets.

To help address those challenges, at Cisco Live Amsterdam in February we announced new cloud services for a new way for IT and OT to collaborate on managing and securing the network via our Catalyst Industrial Routers. With our cloud-delivered IoT Operations Dashboard, customers can use Cyber Vision to provide visibility into OT assets and their security posture, as well as leverage Secure Equipment Access for safe remote access to machines.

Cisco Certification, Cisco Career, Cisco Guides, Cisco Prep, Cisco Preparation

This past week at Cisco Live US we expanded our cloud services to our Cisco Industrial Ethernet switching portfolio in alignment with our Networking Cloud announcements. Now, customers can leverage their existing Catalyst Industrial Ethernet Switches and quickly realize the benefits of these cloud-driven software functionalities since there’s no additional hardware needed. This further enables our customers to use their network as a platform for IT to simplify, innovate, and deliver unified experiences to their customers. And it’s a key part of our Cisco Networking Cloud vision.

These OT services will be available on IE switches (Cisco IE3x00, Heavy-Duty Series Switches and Catalyst IE9300 Rugged Series Switches) independent of the network management platform used to manage the IE switches. This means that your customers can manage the industrial network through Cisco DNA center while benefiting from the simplicity and scalability of the cloud to meet the needs of OT.

What ‘s in it for you as the partner? The possibility to expand or unlock new industries such as roadways, manufacturing, and many others meaning … new industries, verticals, and businesses opportunities. For your customers, this allows different industries and industrial network architectures to leverage these OT services, bringing simplicity and scale to their organizations.

Lastly, we continue to expand our industrial networking portfolio to ensure your customer success for a variety of deployment scenarios and locations, including:

◉ Cisco Catalyst IE9300 Rugged series switches: 5 new models that enable more high-wattage and high-bandwidth devices to be connected in settings such as manufacturing, utilities, roadway intersections, transportation including train stations, seaports, and airports, and smart communities.
◉ Cisco Catalyst IW9167I Heavy Duty access point: a new Wi-Fi 6 access point with integrated antenna for outdoor and industrial deployments, so your customers can be ready for Wi-Fi 6E.

These announcements complement our comprehensive industrial networking portfolio giving you the opportunity to deliver an end-to-end solution to your customers with enterprise and industrial use cases.

Source: cisco.com

Tuesday, 4 July 2023

Make Your WAN Connectivity an Extraordinary Experience

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Tutorial and Materials, Cisco Guides, Cisco WAN
Alan Dapré, author of more than 60 children’s books said, “Why be ordinary when you can be extraordinary?” You may be thinking that “extraordinary” is not a term commonly associated with network connectivity. Shouldn’t it just be like water coming out of the faucet? A utility that is … well … ordinary?

Extraordinary is an enhanced experience. And the Cisco Networking Cloud vision enables you to create an enhanced experience that your users refer to as extraordinary. With our latest SD-WAN product enhancements, we’ve made it easier for you to deliver that exceptional experience to them.

SD-WAN: New name and additional deployment option


At Cisco Live in Las Vegas, we announced the rebranding of the Viptela technology solution from Cisco SD-WAN to Cisco Catalyst SD-WAN. The Catalyst brand has always stood for the industry’s most powerful switching, wireless, and routing platforms. This name change not only provides consistent alignment with the Catalyst brand of our routing hardware, but also with our access, data center, and cloud solutions—and drives brand simplification. Cisco’s SD-WAN portfolio includes both Catalyst SD-WAN and Meraki SD-WAN fabrics to provide the most versatile solutions regardless of your use case.

Deployment options for SD-WAN connectivity


Until now, Cisco has offered two ways for you to consume Cisco Catalyst SD-WAN. First, an on-premises deployment would reside in your own data center or a managed service provider’s data center. The second option was to deploy in a Cisco hosted environment with either an AWS or Microsoft Azure cloud infrastructure.

A third deployment option is now available. Cisco Catalyst SD-WAN can be cloud-delivered to align to your infrastructure strategy. Why cloud-delivered? We recognize that operating models are changing. Organizations demand simplicity, agility, flexibility, and scalability. Cloud-delivered Catalyst SD-WAN provides a cloud-first experience with automated, rapid on-boarding and single sign-on.

Cisco provides zero-touch life cycle deployment and management of the infrastructure via Cisco’s Cloud Operations team. Customers will experience end-to-end service delivery, providing automated provisioning of the SD-WAN fabric. Cisco provides the management, monitoring, upgrades, and backup and restore. We’ve included access to end-to-end actionable insights that measure, predict, understand, and remediate potential issues, so there’s no need to implement it later. You can now consume SD-WAN with a flexible subscription model that scales to your needs and enables more precise OpEx planning and lower TCO.

Elevating the application experience


Nary a business has been unaffected by the need to support hybrid work requirements. The importance of delivering an exceptional experience to your users has risen with this trend, and the accelerated adoption of digital services has transformed enterprise IT. Unless every one of your users work from the office and all applications they access are on premises, you no longer fully control the end-to-end infrastructure, yet you are still accountable for delivering optimal digital experiences. These new capabilities and solutions help you elevate the application experience.

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Tutorial and Materials, Cisco Guides, Cisco WAN
ThousandEyes Service Assurance helps your organization ensure top-notch digital experiences through end-to-end network visibility and proactive insights that empower you to pinpoint, troubleshoot, resolve, and optimize performance across every network domain that matters to them—whether on premises, the internet, or cloud.

Cisco is announcing expanded support with ThousandEyes, providing visibility into public cloud networks, internet routing, and enterprise sites with new vantage points from Meraki MX (and Webex RoomOS) devices. You’ll enhance operations with automated event detection and problem isolation, and unmatched insights of your cloud connectivity.

As organizations adapt to hybrid work, IT is expected to support workers at the branch, campus, and remotely. The Meraki Z4 gateways allow IT teams to securely provide connectivity to remote workers and simultaneously manage SD-branch infrastructure across global locations on a unique cloud platform that consolidates security, SD-WAN, access, and IoT.

Simplifying IT


Technology should never get in the way of conducting business and has two essential requirements: work as expected and be simple to use.

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Tutorial and Materials, Cisco Guides, Cisco WAN
The latest enhancements in SD-WAN management and analytics include new Circuit and SecOps dashboards—along with step-by-step configuration templates to expedite the implementation and management of security policies. They include enhanced visibility into circuits and traffic patterns with a visual interface. An enhanced topology view has been added, and real-time tracking of network and path conditions by application-aware routing provides faster brownout detection.

We are introducing closed-loop automation capabilities to Predictive Path Recommendations (PPR). As an integral component of Cisco predictive networks, PPR delivers a predictive network solution, enabling IT personnel to proactively improve application experience. Leveraging advanced algorithms and predictive models, PPR determines the performance and policy compliance of the paths carrying the site application traffic. When performance is below historical benchmarks or SLA, PPR can make recommendations to the IT personnel and automatically implement corrective actions—before impacting users.

Granular Role-Based Access Control (RBAC) enables service providers to offer a robust co-managed SD-WAN service. Both service providers and their tenants can share or split responsibilities while maintaining accountability via auditing functionality in managing an SD-WAN overlay.

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Tutorial and Materials, Cisco Guides, Cisco WAN
Cisco Catalyst SD-WAN now supports Cisco Umbrella’s multi-org integration, allowing customers to easily manage multiple child organizations or regions from a single Umbrella dashboard. This enables the integration of multiple Umbrella organizations with a single-tenant Cisco Catalyst SD-WAN deployment by configuring the Umbrella API integration for DNS and SIG on a per-device basis. By creating customized security policies tailored to specific needs of different regions or organizational units, customers can simplify the security management process, improve network security, and reduce the risk of security breaches. A centralized view of multiple networks reduces the time and effort to manage multiple networks and improves the user experience.

Cloud and middle-mile connectivity


Cisco SD-WAN Cloud Hub with AWS Cloud WAN provides a dynamic WAN service that allows building of a global network in a simplified and fully automated manner, within minutes. The solution delivers a secure, on-demand, flexible, and highly available middle-mile, leveraging the global AWS backbone, intent-based network management, and advanced security through a central policy framework.

Our multicloud solutions start with our enhanced cloud router—the Catalyst 8000V—a virtual router that is optimized for scale and performance for compute instances across the cloud and backbone providers. You can consume this software from public cloud marketplaces with pay-as-you-go (PAYG) licenses or bring your own license (BYOL), purchased directly from Cisco.

During Cisco Live, we announced a network-as-a-service consumption model for middle-mile services with Megaport. This PAYG model allows customers to be billed by Cisco according to the usage of their Megaport services. We also announced the availability of Megaport Ports on Cisco’s Global Price List (GPL). Customers will be able to purchase ports globally for private connectivity to Megaport Virtual Edge and for provisioning global backbones through Cisco Catalyst SD-WAN. With PAYG and Megaport Ports, you gain private connectivity to virtual edges from your data centers or sites. PAYG is important for customers because you only pay if you use them. There is no upfront commitment and no overage.

Efficiency and cost savings for service providers


Cisco Multitenant Edge for Cisco Catalyst SD-WAN platforms enables providers to securely host multiple tenants on a single physical or virtual SD-WAN platform. It simplifies and accelerates SD-WAN design and deployment, while also providing CapEx and OpEx savings. This also helps you meet your sustainability goals by powering fewer WAN appliances.

Clearly, network connectivity is no longer just an ordinary, basic utility. As we continue to build on our vision for Cisco Networking Cloud, we are enabling elevated experiences that allow you to provide connectivity experiences for your users that are truly extraordinary.

Source: cisco.com

Saturday, 1 July 2023

Launch of Cisco FSO Platform Unifies and Secures Digital Experiences at Scale

Cisco Certification, Cisco Guides, Cisco Tutorial and Materials, Cisco Prep, Cisco Career, Cisco Skills, Cisco Jobs

Today at Cisco Live, we announced the Cisco FSO Platform, an open and extensible, API-driven Full-Stack Observability (FSO) platform built on OpenTelemetry and anchored on metrics, events, logs, and traces (MELT). Advancing our Cisco Full-Stack Observability strategy, it provides AI/ML driven analytics as well as a new observability ecosystem delivering relevant and impactful business insights.

With digital experience increasingly considered a key performance indicator (KPI) at the boardroom level, the ability to unify and secure those experiences at-scale is now at the heart of all business interactions, which are now the touchpoint that companies use to connect to customers and end users. Simply put, today applications are the business.

Amid the growing reliance on applications, IT teams are feeling the pressure to ensure problems at the network or application layer do not lead to security or performance issues down the line. Developers are expected to create flawless applications and use application programming interfaces (APIs) that are secure and functional, with little room for error. For teams meeting these expectations consistently and at scale, however, is extremely challenging. Tool sprawl is real. In a just released study by IDC, with input from over 2000 organizations around the globe, they found that teams can use anywhere between 10 and up to 100 different monitoring and observability tools. This is a big barrier to collecting, managing, understanding, and sharing data. This results in delayed issue resolution including delays in threat detection and mitigation. Tool sprawl also compounds existing issues in organizations where siloed teams and siloed processes lead to higher TCO of technology with suboptimal delivery. Observability can become the primary way to reduce friction between teams by unifying data, analysis, actions, and practices. Achieving this through observability enables operational efficiency, ensures great user experience and lowers business risk. This is why IDC notes in the same study: Observability is becoming established as a key tactical and strategic function with vital benefits, executive support, and rising budgets.

Introducing Cisco FSO Platform


Cisco is uniquely positioned to deliver full-stack observability to customers. More than any other company, Cisco is defining the market. Cisco FSO Platform offers cross-domain visibility that brings teams together with real-time ingestion of massive data streams of MELT from normal business operations.

Most importantly, it provides a view relative to business context. According to Gartner regarding the broader applied observability movement, “When applied systematically, it can reduce the latency for response and optimize business operations in real time.” With the Cisco FSO Platform, business context becomes an integral part of monitoring and visibility outcomes.

A vendor-agnostic solution, Cisco FSO Platform brings data together from application, networking, infrastructure, security, cloud, sustainability, and business sources. Customers get in-context, correlated, and predictive insights so they can reduce time to resolve issues, optimize experiences and minimize business risk.

In addition, it provides the flexibility of extending Cisco FSO Platform for creation of new or custom business use cases including monitoring and analysis of APIs. It enables extensibility from queries, data ingestion pipelines, and entity models all the way to APIs and a composable UI framework.

Cisco FSO Platform extensibility means developers can build their own observability solutions that natively correlate and integrate with other signals and modules. It also equips developers with a seamless extension of Cisco’s entity-centric model, allowing them to collect and analyze MELT data generated by any source – not just applications and hosts.

Developers can use the platform to enrich existing entities, their attributes, and relationships, or to create new ones. These capabilities make it easy to create, launch, and monetize custom use cases as modules on Cisco FSO Platform, spawning an ecosystem of more customers and partners.

Cisco FSO Platform Applications


Cloud Native Application Observability is the premier solution delivered on Cisco FSO Platform. Cisco’s application performance management (APM) solution for cloud native architectures, it helps customers achieve business outcomes in their own context, make the right digital experiences-related decisions, ensure performance alignment with end-user expectations, prioritize and reduce risk, and secure workloads.

The first set of applications on Cisco FSO Platform, and built by Cisco, are Cost Insights from Cisco, Application Resource Optimizer from Cisco, Security Insights from Cisco, and Cisco AIOps.

Working with partners to develop and monetize a diverse ecosystem of solutions for Cisco FSO Platform, we are partnering to enable meaningful, new use cases and deliver customer value from observable telemetry. For example, launch partners CloudFabrix, Evolutio, and Kanari have built novel solutions that extend Cisco’s FSO Platform reach to new customers and new business objectives.

Ultimately, it’s a solution whose time has come. Cisco FSO Platform accelerates and extends Cisco’s Full-Stack Observability strategy, which allows teams to bring together telemetry data from their own context and drive correlated insights across the entire IT estate with business context.

It makes it possible to move faster to identify, prioritize, and remediate potential problems in near real-time with insights correlated to business context. Delivering outstanding, reliable, secure digital experiences that are true drivers of business is no longer an abstract “concept” — with Cisco FSO Platform it’s business as usual.

Source: cisco.com

Thursday, 29 June 2023

How Secure Network Analytics 7.4.2 delivers world-class NDR

Cisco is dedicated to providing genuine added value to customers, and we believe our new version of Secure Network Analytics (SNA) – software release 7.4.2 – more than drives that point home. Packed with enhancements, including better data ingestion and processing, advanced detection, and hardware integrations, this new SNA implementation delivers the essential, high-demand network visibility and detection needed to safeguard the business efficiently and effectively.

Data Store architecture takes center stage

So, what’s the most notable improvement in 7.4.2? Better Data Store architecture. With the ability migrate existing SNA implementation over to this architecture, users can access enhancements added over multiple iterations — all designed to make gathering and storing info easier.

It starts with flow collectors. This new release aims to minimize the number needed, using a centralized database instead to handle the processing of collected flows – a substantial change designed to improve fault tolerance, add resiliency, and preserve your historical data – even when it’s deployed in more than three data nodes.

Query response times are also faster, and we’ve also added better reporting. So, between these two enhancements alone, charts, graphs, and your top-5 accessed reports will load up within minutes, rather than hours.

On the telemetry front, 7.4.2 is very scalable. It’s already compatible with NetFlow, NVM, FTD, and ASA Firewall telemetry, but it will also be adaptable to future types of telemetry.

And one of the biggest benefits is enhanced maintenance. This architecture delivers a substantial increase in flow processing rates, scaling up to as much as 1 million Flows Per Second (FPS). This is an almost two-fold increase over the previous rate. But now with a centralized primary database to process flows, this makes maintenance easier — and reduces costs – a high priority across many industries.

Here are some of the specific feature enhancements you’ll see with 7.4.2:

Converged analytics meets powerful detection

In one specific deployment model, the Converged Analytics workflow delivers superior intel by using a more robust and efficient threat detection engine, and centralized data is leveraged to create reliable, relevant alerts.

Compared to the original SNA alarms, these are drastically quieter – and more in-tune with what’s happening now – delivering context based on the network and advanced behavioral analytics. In other words, SNA creates a instant baseline, learns what behavior is considered “normal” over time, and only triggers an alert if a user fails to follow that trend.


This new centralized engine can in fact now produce new alerts on additional telemetry types, such as Remote Worker detections leveraging the Network Visibility Module (NVM). This represents an important milestone in the threat detection capabilities for the Secure Network Analytics offering, which can now cover important use cases for the market as the need for remote worker visibility continuously increases. To add to the capabilities of Converged Analytics, the engine can also dynamically provide role modeling detections based on the behavior of assets in the network.


This feature helps provide needed context for the detection engine so it can understand an entity’s behavior and create relevant alerts that are meaningful to each customer’s circumstances.

And one more performance boost to note. Secure Network Analytics now integrates with the latest M6 hardware appliance. This yields better Flow Collector ingestion rates, faster flow search queries, and an overall increase in the throughput for the Flow Sensors. Cisco Telemetry Broker is also integrated, which enables users to redirect traffic from any source to a Secure Network Analytics deployment.

With all the improvements to the data ingestion mechanism, the product can effectively achieve XDR outcomes with its native functionality and integration with SecureX. By leveraging multiple telemetry sources, customers can achieve broad network visibility and easily consume relevant detections for potential threats in their network. The simplified workflow reduces the need for users to understand the meaning and source of an alert, enabling them to respond and remediate faster. Thanks to this, organizations can safeguard their assets in time and prevent attackers from breaching the network.


While there are many more details that showcase the fantastic work by the Cisco team, this summary provides a conceptual overview that illustrates the added value for customers who upgrade to the latest 7.4.2 release. And as the market continues to evolve and organizations need a strong Network Detection and Response solution to protect their business and assets, Secure Network Analytics will continue leading the market with a world-class solution that solves customers’ most prominent and urgent needs.

Source: cisco.com

Tuesday, 27 June 2023

Cisco and Intel Demonstrate Interoperability for Open RAN

Cisco and Intel validate interoperability between Cisco Nexus 93180YC-FX3 Switch and Intel® Ethernet 800 Series Network Adapters that feature enhanced timing capabilities for faster and lower cost Open RAN (Radio Access Networks) deployments.

The emergence of Open RAN (O-RAN) standards and solutions is based on the virtualization of network functions and a multi-vendor ecosystem to grow innovation while driving down 5G network operation costs. But an open ecosystem requires each network element to communicate and interoperate with the others. Cisco and Intel have collaborated on a network solution for communications service providers (CoSPs) that delivers on the O-RAN promise.

To address integration challenges faced by CoSPs when deploying Open RAN network infrastructure, Cisco and Intel have combined forces to validate seamless interoperability between Intel® Ethernet 800 Series Network Adapters with enhanced network timing capabilities and Cisco Nexus 93180YC-FX3 network switches.

The Promise of Open RAN


Radio access networks (RANs) historically have been built from proprietary equipment and systems that relied on hardware-centric, centralized, single-vendor components. These systems locked CoSPs into specific vendors and costly integrations, often limiting their ability to scale and innovate. The O-RAN set of standards specifies open, intelligent, virtualized, and fully interoperable RANs supported by multi-vendor interoperability, with a scalable, secure, cloud-native infrastructure that enables service delivery to the network edge, closer to the user.

Solution disaggregation and the use of open interfaces opened the door for the first time for commercial-off-the-shelf (COTS) servers, routers and other networking equipment. But it also increased the need for interoperability between network systems.

One area where this is critical is fronthaul synchronization (Figure 1). The fronthaul in 5G networks is part of cloud-based RAN connecting standalone radio units (RUs) and distributed units (DUs) installed at remote cell sites with centralized units (CUs) that can aggregate multiple DUs and exist in the cloud. This architecture pushes compute power to the network edge and enables support for applications that require high bandwidth and extremely low latency.

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Tutorial and Materials, Cisco Certification
Figure 1 Open RAN fronthaul transport configuration incorporating Cisco Nexus 9300 Series switches.

Fronthaul synchronization involves the network adapter and the network switch to ensure that data packet order is accurate, secure, and consistently delivered between data source and endpoints without data loss or corruption so that products from different vendors can seamlessly communicate.

The synchronization plane (S-Plane) controls timing and synchronization between the DU and the RU, and highly accurate timing and synchronization is required for processes such as multiple input/multiple output (MIMO), time-division duplexing (TDD), and carrier aggregation of multiple O-RUs.

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Tutorial and Materials, Cisco Certification
Figure 2. The S-Plane synchronizes between the O-DU and O-RU using PTP and SyncE timing protocols.

Validated Interoperability


In this application (Figure 3), interoperability needs to be considered for these S-Plane functions. To address interoperability challenges faced by CoSPs when deploying Open RAN network infrastructure, Cisco and Intel have combined forces to verify interoperability between Intel Ethernet Network Adapter E810-XXVDA4T and Cisco Nexus 93180YC-FX3 network switches.

This collaboration is part of Intel’s interoperability verification program, which features a dedicated Intel lab that evaluates Intel Ethernet 800 Series Network Adapters connected to a wide range of media types and Ethernet switches. The goal of the interoperability verification program is to test and ensure compliance to IEEE standards and also to quality-assure the PHY functionality of Intel Ethernet Network Adapters.

Cisco and Intel successfully performed the following tests:

Test 1: Cisco Nexus 93180YC-FX3 Switch and the Intel Ethernet Network Adapter E810-XXVDA4T successfully passed 25Gbps line rate radio traffic.
Test 2: Clocking features such as 1588 PTP Telcom Profile 8275.1 and frequency synchronization (SyncE) demonstrated.
Test 3: Clock received by virtual DU over the network using 1588 PTP and SyncE.

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Tutorial and Materials, Cisco Certification
Figure 3. Example Distributed Unit (DU) deployment using Intel Ethernet Network Adapter E810-XXVDA4T and Cisco N9K-C93180YC-FX3.

Result: Through this verification and quality assurance of interoperability, Intel and Cisco have worked closely to simplify platform integrations and accelerate validation and deployment to deliver a solution that assures ease of integration for Open RAN deployments. Intel and Cisco plan to continue these interoperability tests with upcoming products from both companies.

Conclusion

Cisco and Intel have a long history of collaboration and their commitment to interoperability for CoSP applications is showcased in their tight integration of network adapters and switch solutions for Open RAN applications eased deployments, faster time-to-market, lower total cost of ownership, and scalability and customizability for CoSPs committed to the advantages of O-RAN.

Source: cisco.com

Saturday, 24 June 2023

Cisco Silicon One Breaks the 51.2 Tbps Barrier

In December 2019, we made a bold announcement about how we’d forever change the economics of the internet and drive innovation at speeds like no one had ever seen before. These were ambitious claims, and not surprisingly, many people took a wait-and-see attitude. Since then, we’ve continued to innovate at an increasingly fast pace, leading the industry with innovative solutions that meet our customers’ needs.

Today, just three and a half years after launching Cisco Silicon One™, we’re proud to announce our fourth-generation set of devices, the Cisco Silicon One G200 and Cisco Silicon One G202, which we are sampling to customers now. Typically, new generations are launched every 18 to 24 months, demonstrating a pace of innovation that’s two times faster than normal silicon development.

The Cisco Silicon One G200 offers the benefits of our unified architecture and focuses specifically on enhanced Ethernet-based artificial intelligence/machine learning (AI/ML) and web-scale spine deployments. The Cisco Silicon One G200 is a 5 nm, 51.2 Tbps, 512 x 112 Gbps serializer-deserializer (SerDes) device. It is a uniquely programmable, deterministic, low-latency device with advanced visibility and control, making it the ideal choice for web-scale networks.

The Cisco Silicon One G202 brings similar benefits to customers who still want to use the 50G SerDes for connecting optics to the switch. It is a 5 nm, 25.6 Tbps, 512 x 56 Gbps SerDes device with the same characteristics as the Cisco Silicon One G200 but with half the performance.

To achieve the vision of Cisco Silicon One, it was imperative for us to invest in key technologies. Seven years ago, Cisco began investing in our own high-speed SerDes development and realized immediately that as speeds increase, the industry must move to analog-to-digital (ADC)-based SerDes. SerDes acts as a fundamental building block of networking interconnect for high-performance compute and AI deployments. Today, we are pleased to announce our next-generation, ultra-high performance, and low-power 112 Gbps ADC SerDes capable of ultra-long reach channels supporting 4-meter direct-attach cables (DACs), traditional optics, linear drive optics (LDO), and co-packaged optics (CPO), while minimizing silicon die area and power.

Cisco Silicon, Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Tutorial and Materials
Figure 1. Cisco Silicon One product family

The Cisco Silicon One G200 and G202 are uniquely positioned in the industry with advanced features to optimize real-world performance of AI/ML workloads—while simultaneously driving down the cost, power, and latency of the network with significant innovations.

The Cisco Silicon One G200 is the ideal solution for Ethernet-based AI/ML networks for several reasons:

~ With the industry’s highest radix switch, with 512 x 100GE Ethernet ports on one device, customers can build a 32K 400G GPUs AI/ML cluster with a 2-layer network requiring 50% less optics, 40% fewer switches, and 33% fewer networking layers—drastically reducing the environmental footprint of the AI/ML cluster. This saves up to 9 million kWh per year, which according to the U.S. Environmental Protection Agency is equivalent to more than 6,000 metric tons of carbon dioxide (CO2e) or burning 7.3 million pounds of coal per year.

~ Advanced congestion-aware load balancing techniques enable networks to avoid traditional congestion events.

~ Advanced packet-spraying techniques minimize creation of congestion hot spots in the network.

~ Advanced hardware-based link-failure recovery delivers optimal performance across massive web-scale networks, even in the presence of faults.

Cisco Silicon, Cisco Career, Cisco Skills, Cisco Jobs, Cisco Prep, Cisco Preparation, Cisco Tutorial and Materials

Figure 2. Benefits of large radix 51.2 Tbps switches

Cisco Silicon One Innovations


Here’s a closer look at some of our many Cisco Silicon One–related innovations:

Converged architecture

~ Cisco Silicon One provides one architecture that can be deployed across customer networks, from routing roles to web-scale front-end networks to web-scale back-end networks, dramatically reducing deployment timelines, while simultaneously minimizing ongoing operations costs by enabling a converged infrastructure.

~ Using a common software development kit (SDK) and standard Switch Abstraction Interface (SAI) layers, customers need only port the Cisco Silicon One environment to their network operating system (NOS) once and make use of that investment across diverse network roles.

~ Like all our devices, the Cisco Silicon One G200 has a large and fully unified packet-buffer optimizing burst-absorption and throughput in large web-scale networks. This minimizes head-of-line blocking by absorbing bursts instead of the generation of priority flow control.

Optimization across the entire value chain

~ The Cisco Silicon One G200 has up to two times higher radix than other solutions with 512 Ethernet MACs, enabling customers to significantly reduce the cost, power, and latency of network deployments by removing layers of their network.

~ With our own internally developed, next-generation, SerDes technology, the Cisco Silicon One G200 device is capable of driving 43 dB bump-to-bump channels that enable co-packaged optics (CPO), linear pluggable objects (LPO), and the use of 4-meter 26 AWG copper cables, which is well beyond IEEE standards for optimal in-rack connectivity.

~ The Silicon One G200 is over two times more power efficient with two times lower latency compared to our already optimized Cisco Silicon One G100 device.

~ The physical design and layout of the device is built with a system-first approach, allowing customers to run system fans slower, dramatically decreasing system power draw.

Innovative load balancing and fault detection

~ Support for non-correlated, weighted equal-cost multipath (WECMP) and equal-cost multipath (ECMP) load balancing capabilities with near-ideal characteristics help to avoid hash polarization, even across massive networks.

~ Congestion-aware load balancing for stateful ECMP, flow, and flowlet enables optimal network throughput with optimal flow-completion time and job-completion time (JCT).

~ Congestion-aware stateless packet spraying enables near ideal JCT by using all available network bandwidth, regardless of flow characteristics.

~ Support for hardware-based redistribution of packets based on link failures enables Cisco Silicon One G200 to optimize real-world throughput of massive scale networks.

Advanced packet processor

~ The Cisco Silicon One G200 uses the industry’s first fully custom, P4 programmable parallel packet processor capable of launching more than 435 billion lookups per second. It supports advanced features like SRv6 Micro-SID (uSID) at full rate and is extendable with full run-to-completion processing for even more complex flows. This unique packet processing architecture enables flexibility with deterministic low latency and power.

Deep visibility and analytics

~ Programmable processors enable support for standard and emerging web-scale in-band telemetry standards providing industry-leading network visibility.

~ Embedded hardware analyzers detect microbursts with pre- and post-event logging of temporal flow information, giving network operators the ability to analyze network events after the fact with hardware time visibility.

A new generation of network capabilities


Gone are the days when the industry operated in silos. With its one unified architecture, Cisco Silicon One erases the hard dividing lines that have defined our industry for too long. Customers no longer need to worry about architectural differences rooted in past imagination and technology limitations. Today, customers can deploy Cisco Silicon One in a multitude of ways across their networks.

With the Cisco Silicon One G200 and G202 devices, we extend the reach of Cisco Silicon One with optimized high-bandwidth devices purpose-built for spine and AI/ML deployments. Customers can save money by deploying fewer and more efficient devices, enjoy new deployment topologies with ultra-long-reach SerDes, improve their AI/ML job performance with innovative load balancing and fault discovery techniques, and improve network debuggability with advanced telemetry and hardware analyzers.

If you’ve been watching since we first announced Cisco Silicon One in December 2019, it is easy to see that this is just the beginning. We’re looking forward to continuing to accelerate the value addition for our customers.

Stay tuned for more exciting Cisco Silicon One developments.

Source: cisco.com

Thursday, 22 June 2023

The Value of SOC2 and ISO27001 in Enhancing Customer Trust

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Learning, Cisco Tutorial and Materials, Cisco Guides, Cisco Preparation

In an era of ever-evolving cybersecurity threats, a strong security posture for your cloud-based applications is paramount. Certifications such as SOC2 and ISO27001 represent an international benchmark that demonstrate a product’s robustness in security, service resiliency, and sound data management practices. Recently, our product, Secure Email Threat Defense, successfully completed the SOC2 certification process, and I’d like to share our experience to highlight the importance of these certifications for security-conscious buyers.

To gain certification, our team had to show an accredited external auditor that Secure Email Threat Defense met or exceeded the requirements of SOC2 and ISO27001. In obtaining SOC2 Type 2 certification, we validated our adherence to the Trust Services Criteria: security, availability, and confidentiality. ISO27001 further demanded effective processes and controls to protect information systems and contained data.

These combined certifications assure our customers that Email Threat Defense:

◉ Operates in a secure, reliable, and responsible manner.
◉ Protects our customers’ information.
◉ Provides transparency in system development, deployment, and maintenance as evidenced in our SOC2 Type 2 report.
◉ Commits to independent audits that will validate the effectiveness of our controls, both procedurally and from an implementation perspective.

As part of the audit process, Email Threat Defense had to prove its commitment to internal processes and provide evidence of ongoing adherence to internal controls. Our efforts in access management, change management, business continuity, incident response, and vulnerability management were scrutinized.

In the area of access management, we showcased our commitment to best practices and granular access permissions, ensuring that customer data is protected at all times. When it comes to change management, we follow strict policies and require approval for all system changes, enabling us to deliver quality features quickly.

Our business continuity and incident response capabilities were also thoroughly reviewed. We demonstrated our service’s resiliency to upstream service failures within AWS and Azure, as well as our team’s robust incident response capabilities. In a disaster recovery scenario, we showed our ability to restore critical customer data, including Search and Reporting data.

Cisco Career, Cisco Skills, Cisco Jobs, Cisco Learning, Cisco Tutorial and Materials, Cisco Guides, Cisco Preparation

Finally, in the realm of vulnerability management, we proved our ability to remediate vulnerabilities within industry-standard SLAs, thereby mitigating the risk of known and emerging threats.

By obtaining SOC2 and ISO27001 certifications, we have displayed our unwavering commitment to information security and to our customers, providing an additional layer of trust for our users. For security-conscious buyers, these certifications represent a reliable method for evaluating the security posture of cloud-based applications such as Email Threat Defense. These certifications are not merely symbolic badges; they indicate a level of trust that our customers can rely on  in an uncertain cybersecurity landscape. We’re proud of the work we’ve done to achieve this significant milestone and we will continue to prioritize security as we further develop, innovate, and optimize Email Threat Defense.

Source: cisco.com