How to avoid common mistakes when adopting AI

I’ll never cease to be amazed by the Olympic runners. As someone who has logged my fair share of runs, I’m totally mesmerized by these runners’ paces. I get short of breath just watching them on my TV.

Olympic runners are worthy of our admiration. But these athletes didn’t wake up the day before the Olympics and decide to hop a flight to Paris. Their freedom to run at break-neck speed required years of discipline and training.

They had a method. They trained. Step-by-step. Day-by-day. Until, one day in Paris, they were finally able to harness this power.

This is how we should view AI.

Just like training to be expert runner, a recent Gartner® report (which you can access here complimentarily) emphasizes the importance of a measured approach. According to Gartner, “The building blocks of AI adoption are various and diverse in real life. Nevertheless, when assembled, they follow general principles that support AI progress.” Gartner mentions that “applying these principles is necessary to set realistic expectations, avoid common pitfalls, and keep AI initiatives on track.”

You can’t be in the Olympics on day one — nor do you want to be in the Olympics on day one. Growing into an AI-mature organization is about following a roadmap — a proven method — and not biting off more than you can chew.

By defining a clear strategy, communicating frequently, and setting measurable outcomes, organizations can optimize their results and avoid common pitfalls.

The Gartner phased approach to AI adoption

AI can help you classify and understand complex sets of data, automate decisions without human intervention, and generate anything from content to code by utilizing large repositories of data. However, if you underestimate the importance of getting your priorities in order first, you may be forced to learn the hard way and suffer delays and frustration.

In the report, Gartner offers an AI adoption framework where “organizations will avoid major pitfalls and maximize the chances of successful AI implementation.” Gartner tells organizations to “use the AI adoption curve to identify and achieve your goals for activities that increase AI value creation by solving business problems better, faster, at a lower cost and with greater convenience.”

Let’s look at our takeaways from these key phases.

Phase 1. Planning

Start small. Getting into peak running condition starts with short runs. Identify and recruit an internal champion to help socialize efforts and secure support from key stakeholders. Establish three to six use cases with measurable outcomes that benefit your line of business.

Phase 2. Experimentation

Practice makes perfect. Invest in the humans, processes, and technology that ease the transition between phases, such as funding a Center of Excellence (COE) and teaching practical knowledge of cloud AI APIs. Build executive awareness with realistic goals. Experiment. Break things. And don’t be afraid to change course on your strategy. Be flexible and know when to pivot!

Phase 3. Stabilization

At this point in the process, you have a basic AI governance model in place. The first AI use cases are in production, and your initial AI implementation team has working policies to mitigate risks and assure compliance. This stage is referred to as the “pivotal point” — it is all about stabilizing your plans, so you are ready to expand with additional, more complex use cases.

With strategic objectives defined, budgets in place, AI experts on hand, and technology at the ready, you can finalize an organizational structure and complete the processes for the development and deployment of AI.

Phase 4. Expansion

High costs are common at this stage of AI adoption as initial use cases prove their value and momentum builds. It’s natural to hire more staff, upskill employees, and incur infrastructure costs as the wider organization takes advantage of AI in daily operations.

Track spending and be sure to demonstrate progress against goals to learn from your efforts. Socialize outcomes with stakeholders for transparency. Remember, just like run training, it’s a process of steady improvement. Track your results, show progress, and build on your momentum. As you grow more experienced, you should expand, evolve, and optimize. Providing your organization sees measurable results, consider advancing efforts to support more high risk/high reward use cases.

Phase 5. Leadership

AI will succeed in an organization that fosters transparency, training, and shared usage of across business units, not limited to exclusive access. Build an “AI first” culture from the top down, where all workers understand the strengths and weaknesses of AI to be productive and innovate security.

Lessons from the AI graveyard

AI adoption will vary and that’s okay! Follow these steps to ensure you stay on the path most appropriate for your business. Avoid common mistakes of caving to peer pressure and focus on creating a responsible use of AI that enables you to reduce technology risks and work within the resources currently available. Here’s some advice from those that hit a speedbump or two.

1. Choose your first project carefully; most AI projects fail to deploy as projected.
2. Don’t underestimate the time it takes to deploy.
3. Ensure your team has the right skills, capacity, and experience to take advantage of AI trends.

No two AI journeys are the same

According to Gartner, “By 2025, 70% of enterprises will have operationalized AI architectures due to the rapid maturity of AI orchestration platforms.” Don’t get discouraged if you are in the 30% that may not be on that path.

Every organization will choose to adopt AI at the rate that is right for them. Some organizations consider themselves laggards, but they are learning from their peers and are taking the necessary steps to create a successful AI implementation. “By 2028, 50% of organizations will have replaced time-consuming bottom-up forecasting approaches with AI, resulting in autonomous operational, demand, and other types of planning.”

Read the complementary report to learn more about key adoption indicators and recommendations to ensure data is central to your strategy—from determining availability, to integration, access and more. This Gartner report provides hands-on, practical tips to help build confidence with tips and recommendations to help embrace the AI journey from planning to expansion.

Source: cisco.com

Continue reading

The AI Revolution: Transforming Technology and Reshaping Cybersecurity

Artificial Intelligence (AI) is revolutionizing government and technology, driving an urgent need for innovation across all operations. Although historically, local and state government systems have seen only incremental changes with limited AI adoption, today, a significant shift is occurring as AI is integrated across all government sectors.

Benefits of AI Integration

The benefits of these changes are evident. AI-powered systems analyze vast amounts of data, offering insights for better decision-making. Public services become more personalized and efficient, reducing wait times and enhancing citizen satisfaction. Security is significantly bolstered through AI-driven threat detection and response. Consequently, governments are adopting AI and advanced software applications to provide secure, reliable, and resilient services to their citizens, enhancing digital engagement and communication within their communities.

With this rapid growth, cybersecurity operations are among the areas most significantly impacted by advancements in artificial intelligence. CyberOps is at a unique intersection, needing to leverage advanced AI capabilities to enhance effectiveness and resiliency. However, numerous applications and connections are simultaneously challenging it by utilizing emerging AI capabilities to improve their effectiveness and resilience. Despite historically being rigid and resistant to change, CyberOps must adapt to the challenges of an AI-driven digital world.

Whole-of-State / Agency Cybersecurity Approach

Whole-of-State cybersecurity and zero trust governments can be challenged with maintaining digital operations while ensuring sensitive information’s privacy and security. Cisco’s technology allowed agencies to easily meet these requirements through advanced AI-powered security solutions and privacy-preserving AI models. Thanks to techniques like federated learning and differential privacy, sensitive information could be processed and analyzed without compromising individual privacy.

Adopting AI-Driven Services

Adopting AI-driven, easily consumable, on-demand services provides a secure, sustainable, and reliable foundation to build on. Investing in an infrastructure that is secure and flexible allows governments to quickly pivot to the emerging opportunities that the AI revolution brings. No one person could have predicted or prepared for such a transformative shift. Still, the ability to rapidly adapt to the challenges it brought and continue to serve the community and citizens in the ways they deserve is key.

Challenges and Adaptation

Don’t be mistaken, change is often hard. Humans are creatures of habit and comfort and rarely like to be pushed outside our comfort zone. Unfortunately, the AI revolution is doing just that. It is forcing us to adapt and discover new ways to operate and provide what are now seen as even the most basic digital services. The drive and demand for AI-powered services in the government sector are rapidly expanding. We are experiencing one of the most significant catalysts for technological adoption in the state and local government space since the internet became mainstream.

This revolution is driving the necessity for a whole-of-state cybersecurity and zero trust approach. The goal is no longer maintaining the status quo but rather achieving a level of service that provides the foundation for how things can be in an AI-enabled world. Providing enhanced, secure services and support to the community has become the resounding focus of state and local governments.

Cisco’s Role in Supporting Governments

As we navigate this AI revolution, Cisco stands ready to support governments in their journey towards whole-of-state cybersecurity and zero trust adoption. Our comprehensive suite of AI-powered solutions provides the building blocks for a secure and efficient AI-enabled government infrastructure. The shift to a more inclusive, AI-driven government began with specific applications but is rapidly expanding to all sectors and offerings in the state and local government spaces.

Source: cisco.com

Continue reading

Optimizing AI Workloads with NVIDIA GPUs, Time Slicing, and Karpenter

Maximizing GPU efficiency in your Kubernetes environment

In this article, we will explore how to deploy GPU-based workloads in an EKS cluster using the Nvidia Device Plugin, and ensuring efficient GPU utilization through features like Time Slicing. We will also discuss setting up node-level autoscaling to optimize GPU resources with solutions like Karpenter. By implementing these strategies, you can maximize GPU efficiency and scalability in your Kubernetes environment.

Additionally, we will delve into practical configurations for integrating Karpenter with an EKS cluster, and discuss best practices for balancing GPU workloads. This approach will help in dynamically adjusting resources based on demand, leading to cost-effective and high-performance GPU management. The diagram below illustrates an EKS cluster with CPU and GPU-based node groups, along with the implementation of Time Slicing and Karpenter functionalities. Let’s discuss each item in detail.

Basics of GPU and LLM

A Graphics Processing Unit (GPU) was originally designed to accelerate image processing tasks. However, due to its parallel processing capabilities, it can handle numerous tasks concurrently. This versatility has expanded its use beyond graphics, making it highly effective for applications in Machine Learning and Artificial Intelligence.

When a process is launched on GPU-based instances these are the steps involved at the OS and hardware level:

• Shell interprets the command and creates a new process using fork (create new process) and exec (Replace the process’s memory space with a new program) system calls.
• Allocate memory for the input data and the results using cudaMalloc(memory is allocated in the GPU’s VRAM)
• Process interacts with GPU Driver to initialize the GPU context here GPU driver manages resources including memory, compute units and scheduling
• Data is transferred from CPU memory to GPU memory
• Then the process instructs GPU to start computations using CUDA kernels and the GPU schedular manages the execution of the tasks
• CPU waits for the GPU to finish its task, and the results are transferred back to the CPU for further processing or output.
• GPU memory is freed, and GPU context gets destroyed and all resources are released. The process exits as well, and the OS reclaims the resource

Compared to a CPU which executes instructions in sequence, GPUs process the instructions simultaneously. GPUs are also more optimized for high performance computing because they don’t have the overhead a CPU has, like handling interrupts and virtual memory that is necessary to run an operating system. GPUs were never designed to run an OS, and thus their processing is more specialized and faster.

Large Language Models

A Large Language Model refers to:

• “Large”: Large Refers to the model’s extensive parameters and data volume with which it is trained on
• “Language”: Model can understand and generate human language
• “Model”: Model refers to neural networks

Run LLM Model

Ollama is the tool to run open-source Large Language Models and can be download here https://ollama.com/download

Pull the example model llama3:8b using ollama cli

ollama -h

Large language model runner

​

Usage:

  ollama [flags]

  ollama [command]

​

Available Commands:

  serve Start ollama

  create Create a model from a Modelfile

  show Show information for a model

  run Run a model

  pull Pull a model from a registry

  push Push a model to a registry

  list List models

  ps List running models

  cp Copy a model

  rm Remove a model

  help Help about any command

​

Flags:

  -h, --help help for ollama

  -v, --version Show version information

​

Use "ollama [command] --help" for more information about a command.

ollama pull llama3:8b: Pull the model

ollama pull llama3:8b

pulling manifest 

pulling 6a0746a1ec1a... 100% ▕██████████████████████████████████████████████████████████████████ 4.7 GB 

pulling 4fa551d4f938... 100% ▕██████████████████████████████████████████████████████████████████ 12 KB 

pulling 8ab4849b038c... 100% ▕██████████████████████████████████████████████████████████████████ 254 B 

pulling 577073ffcc6c... 100% ▕██████████████████████████████████████████████████████████████████ 110 B 

pulling 3f8eb4da87fa... 100% ▕██████████████████████████████████████████████████████████████████ 485 B 

verifying sha256 digest 

writing manifest 

removing any unused layers 

success

ollama list: List the models

developer:src > ollama show llama3:8b

  Model 

        arch llama 

        parameters 8.0B 

        quantization Q4_0 

        context length 8192 

        embedding length 4096 

  Parameters 

        num_keep 24 

        stop "<|start_header_id|>" 

        stop "<|end_header_id|>" 

        stop "<|eot_id|>" 

  License 

        META LLAMA 3 COMMUNITY LICENSE AGREEMENT 

        Meta Llama 3 Version Release Date: April 18, 2024

ollama run llama3:8b: Run the model

developer:src > ollama run llama3:8b

>>> print all primes between 1 and n

Here is a Python solution that prints all prime numbers between 1 and `n`:

​

```Python

def print_primes(n):

    for possiblePrime in range(2, n + 1):

        # Assume number is prime until shown it is not. 

        isPrime = True

        for num in range(2, int(possiblePrime ** 0.5) + 1):

            if possiblePrime % num == 0:

                isPrime = False

                break

        if isPrime:

            print(possiblePrime)

​

n = int(input("Enter the number: "))

print_primes(n)

```

​

In this code, we loop through all numbers from `2` to `n`. For each number, we assume it's prime and then check if it has any 

divisors other than `1` and itself. If it does, then it's not a prime number. If it doesn't have any divisors, then it is a 

prime number.

​

The reason why we only need to check up to the square root of the number is because a larger factor of the number would be a 

multiple of smaller factor that has already been checked.

​

Please note that this code might take some time for large values of `n` because it's not very efficient. There are more 

efficient algorithms to find prime numbers, but they are also more complex.

Source: cisco.com

Continue reading

Unlock the Potential of AI/ML Workloads with Cisco Data Center Networks

Harnessing data is crucial for success in today’s data-driven world, and the surge in AI/ML workloads is accelerating the need for data centers that can deliver it with operational simplicity. While 84% of companies think AI will have a significant impact on their business, just 14% of organizations worldwide say they are fully ready to integrate AI into their business, according to the Cisco AI Readiness Index.

Read More: 300-610: Designing Cisco Data Center Infrastructure (DCID)

The rapid adoption of large language models (LLMs) trained on huge data sets has introduced production environment management complexities. What’s needed is a data center strategy that embraces agility, elasticity, and cognitive intelligence capabilities for more performance and future sustainability.

Impact of AI on businesses and data centers

While AI continues to drive growth, reshape priorities, and accelerate operations, organizations often grapple with three key challenges:

◉ How do they modernize data center networks to handle evolving needs, particularly AI workloads?

◉ How can they scale infrastructure for AI/ML clusters with a sustainable paradigm?

◉ How can they ensure end-to-end visibility and security of the data center infrastructure?

Figure 1: Key network challenges for AI/ML requirements

While AI visibility and observability are essential for supporting AI/ML applications in production, challenges remain. There’s still no universal agreement on what metrics to monitor or optimal monitoring practices. Furthermore, defining roles for monitoring and the best organizational models for ML deployments remain ongoing discussions for most organizations. With data and data centers everywhere, using IPsec or similar services for security is imperative in distributed data center environments with colocation or edge sites, encrypted connectivity, and traffic between sites and clouds.

AI workloads, whether utilizing inferencing or retrieval-augmented generation (RAG), require distributed and edge data centers with robust infrastructure for processing, securing, and connectivity. For secure communications between multiple sites—whether private or public cloud—enabling encryption is key for GPU-to-GPU, application-to-application, or traditional workload to AI workload interactions. Advances in networking are warranted to meet this need.

Cisco’s AI/ML approach revolutionizes data center networking

At Cisco Live 2024, we announced several advancements in data center networking, particularly for AI/ML applications. This includes a Cisco Nexus One Fabric Experience that simplifies configuration, monitoring, and maintenance for all fabric types through a single control point, Cisco Nexus Dashboard. This solution streamlines management across diverse data center needs with unified policies, reducing complexity and improving security. Additionally, Nexus HyperFabric has expanded the Cisco Nexus portfolio with an easy-to-deploy as-a-service approach to augment our private cloud offering.

Figure 2: Why the time is now for AI/ML in enterprises

Nexus Dashboard consolidates services, creating a more user-friendly experience that streamlines software installation and upgrades while requiring fewer IT resources. It also serves as a comprehensive operations and automation platform for on-premises data center networks, offering valuable features such as network visualizations, faster deployments, switch-level energy management, and AI-powered root cause analysis for swift performance troubleshooting.

As new buildouts that are focused on supporting AI workloads and associated data trust domains continue to accelerate, much of the network focus has justifiably been on the physical infrastructure and the ability to build a non-blocking, low-latency lossless Ethernet. Ethernet’s ubiquity, component reliability, and superior cost economics will continue to lead the way with 800G and a roadmap to 1.6T.

Figure 3: Cisco’s AI/ML approach

By enabling the right congestion management mechanisms, telemetry capabilities, ports speeds, and latency, operators can build out AI-focused clusters. Our customers are already telling us that the discussion is moving quickly towards fitting these clusters into their existing operating model to scale their management paradigm. That’s why it is essential to also innovate around simplifying the operator experience with new AIOps capabilities.

With our Cisco Validated Designs (CVDs), we offer preconfigured solutions optimized for AI/ML workloads to help ensure that the network meets the specific infrastructure requirements of AI/ML clusters, minimizing latency and packet drops for seamless dataflow and more efficient job completion.

Figure 4: Lossless network with Uniform Traffic Distribution

Protect and connect both traditional workloads and new AI workloads in a single data center environment (edge, colocation, public or private cloud) that exceeds customer requirements for reliability, performance, operational simplicity, and sustainability. We are focused on delivering operational simplicity and networking innovations such as seamless local area network (LAN), storage area network (SAN), AI/ML, and Cisco IP Fabric for Media (IPFM) implementations. In turn, you can unlock new use cases and greater value creation.

Source: cisco.com

Continue reading

Blueprint to Cisco 300-445 ENNA Success: A Step-by-Step Guide

The Cisco 300-445 ENNA certification is a pivotal milestone for network professionals aiming to excel in enterprise network assurance. This comprehensive guide will walk you through what the Cisco CCNP Enterprise certification entails, how to start preparing for it, the exam content, and who should consider earning it.

Cisco 300-445 ENNA Exam Overview

The Cisco 300-445 ENNA, or Cisco Designing and Implementing Enterprise Network Assurance, is a certification that validates a professional’s expertise in designing, implementing, and maintaining enterprise network assurance. This certification focuses on ensuring the reliability, availability, and performance of network systems within an enterprise, which is critical for maintaining seamless business operations.

Achieving the Cisco CCNP Enterprise (300-445 ENNA) certification demonstrates that you possess the skills to utilize Cisco's tools and technologies to monitor and manage network performance, troubleshoot issues, and optimize network operations. This certification is part of Cisco's broader professional certification program, which aims to provide network professionals with the knowledge and skills needed to meet the demands of modern IT environments.

300-445 ENNA Exam Info:

• Exam Name: Cisco Designing and Implementing Enterprise Network Assurance
• Exam Price: $300 USD
• Duration: 90 minutes
• Number of Questions: 55-65
• Passing Score: Variable (750-850 / 1000 Approx.)

What's On the Cisco 300-445 ENNA Exam?

The Cisco 300-445 ENNA (Implementing Cisco Enterprise Network Assurance) exam is a critical certification for IT professionals looking to validate their skills in enterprise network assurance. The exam covers a comprehensive array of topics that are essential for maintaining and optimizing enterprise networks. Here is an in-depth look at the key areas covered in the Cisco 300-445 ENNA exam:

1. Network Assurance Principles

Understanding Network Assurance: The exam begins with a foundational understanding of network assurance principles. Candidates need to comprehend methodologies such as performance monitoring, fault management, and Service Level Agreement (SLA) management. These principles are crucial for ensuring that network services meet predefined performance standards and reliability metrics.

2. Cisco DNA Center Assurance

Implementing Cisco DNA Center: A significant portion of the exam focuses on Cisco DNA Center, a centralized management dashboard. Candidates must demonstrate proficiency in configuring, deploying, and troubleshooting network assurance features within Cisco DNA Center. This includes understanding how to utilize the platform for continuous monitoring and maintaining optimal network performance.

3. Network Data Analytics

Leveraging Analytics Tools: Network data analytics is a vital skill assessed in this exam. Candidates should be adept at using various analytics tools and techniques to gather, analyze, and interpret data on network performance. This involves understanding how to convert raw data into actionable insights to improve network operations.

4. Telemetry and Monitoring

Deploying Telemetry Solutions: The exam tests knowledge on the deployment and configuration of telemetry and monitoring solutions. Candidates need to understand how to implement these solutions to ensure continuous network reliability and performance. This includes familiarity with protocols and tools that facilitate real-time data collection and analysis.

5. Automation and Programmability

Enhancing Network Operations: Automation and programmability are increasingly important in modern network environments. The Cisco 300-445 exam requires candidates to incorporate automation into network assurance practices. This reduces manual intervention, enhances efficiency, and ensures consistency in network operations. Understanding scripting languages and automation frameworks is essential.

6. Troubleshooting

Diagnosing Network Issues: Effective troubleshooting is a critical component of network assurance. Candidates must be able to diagnose and resolve network performance issues using Cisco tools and methodologies. This includes being familiar with various troubleshooting techniques and tools that help identify and fix network problems promptly.

7. Security Assurance

Ensuring Network Security: Lastly, the exam covers security assurance as part of the overall network assurance strategy. Candidates must ensure that network security compliance and integrity are maintained. This involves understanding security protocols, implementing security policies, and ensuring that network configurations do not introduce vulnerabilities.

Who Should Earn the 300-445 ENNA?

The Cisco 300-445 ENNA certification is ideal for network professionals who are responsible for ensuring the reliability and performance of enterprise networks. Specifically, it is suitable for:

• Network Engineers
• Professionals who design, implement, and manage enterprise networks will benefit from the skills validated by this certification.
• Network Administrators
• Administrators tasked with maintaining network performance and troubleshooting issues will find the certification invaluable.
• Network Operations Specialists
• Specialists focused on monitoring and optimizing network operations can enhance their expertise through this certification.
• IT Managers
• IT managers overseeing network teams will gain insights into best practices for network assurance, enabling them to lead their teams more effectively.
• Aspiring Network Professionals
• Individuals looking to advance their careers in network engineering and operations can use this certification to demonstrate their capabilities to potential employers.

Top 7 Tips on How to Prepare for Cisco 300-445 ENNA

Preparing for the Cisco 300-445 ENNA exam requires a strategic approach and dedicated effort. Here are the top seven tips to help you successfully prepare for this certification:

1. Understand the Exam Objectives

Start by thoroughly understanding the exam objectives provided by Cisco. This detailed syllabus outlines all the topics covered in the exam. Familiarizing yourself with these topics ensures that your study plan encompasses every necessary area. This understanding forms the foundation of your preparation, helping you to focus your efforts effectively.

2. Gather Study Materials

Collecting Resources: Accumulate a variety of study materials such as official Cisco training courses, study guides, and practice tests. The Cisco website and authorized training partners offer comprehensive resources specifically tailored for the 300-445 ENNA exam. These materials provide a structured learning path and essential information needed to master the exam content.

3. Create a Study Plan

Develop a study plan that allocates sufficient time to each topic area. Consistency is crucial, so establish regular study sessions and adhere to your schedule. A well-organized plan ensures that you cover all topics systematically, reducing the risk of last-minute cramming and enhancing long-term retention.

4. Join Study Groups and Forums

Participate in study groups and online forums where you can interact with other candidates and certified professionals. These platforms offer valuable insights, tips, and peer support, which can help you understand complex topics better. Collaborative learning often provides new perspectives and enhances your overall preparation experience.

5. Hands-On Practice

Practical experience is vital for the 300-445 ENNA exam. Set up a lab environment where you can practice configuring and managing enterprise network assurance solutions. Hands-on practice helps solidify your theoretical knowledge and prepares you for real-world scenarios. This practical exposure is essential for mastering the practical aspects of the exam.

6. Take 300-445 ENNA Practice Tests

Regularly taking practice tests is an excellent way to gauge your readiness. These exams help identify areas where you need further study and familiarize you with the exam format and question types. 300-445 ENNA Practice tests also help build your confidence and time management skills, ensuring that you are well-prepared for the actual exam day.

7. Review and Revise

Consistently review and revise your notes to reinforce your understanding of the material. Focus particularly on areas where you feel less confident and seek additional resources if necessary. Regular revision helps consolidate your knowledge, making it easier to recall information during the exam.

Comprehensive Study Plan for Cisco 300-445 ENNA

Week 1-2: Foundation and Core Concepts

Day 1 to 3: Network Assurance Principles

• Objective: Understand the core principles of network assurance.
• Activities:
• Read Cisco’s documentation on network assurance.
• Watch introductory videos on network performance monitoring.
• Take notes on key concepts such as performance metrics, fault management, and SLA management.

Day 4 to 6: Cisco DNA Center Assurance

• Objective: Learn how to implement and manage network assurance using Cisco DNA Center.
• Activities:
• Go through Cisco DNA Center Assurance deployment guides.
• Set up a lab environment to practice configurations.
• Perform hands-on labs for configuring and deploying Cisco DNA Center.

Day 7: Review and Practice

• Objective: Reinforce the concepts learned in the first week.
• Activities:
• Review notes and highlight important points.
• Take a short quiz on the topics covered.
• Participate in a study group discussion to clarify doubts.

Week 3-4: Advanced Topics and Hands-On Practice

Day 1 to 3: Network Data Analytics

• Objective: Utilize network data analytics tools.
• Activities:
• Study Cisco’s network analytics tools documentation.
• Watch tutorials on data collection and interpretation.
• Practice using network analytics tools in your lab environment.

Day 4 to 6: Telemetry and Monitoring

• Objective: Deploy and configure telemetry and monitoring solutions.
• Activities:
• Read about different telemetry protocols and tools.
• Configure telemetry solutions in the lab.
• Monitor network performance and troubleshoot using telemetry data.

Day 7: Review and Practice

• Objective: Consolidate the second week’s learning.
• Activities:
• Recap key topics and take detailed notes.
• Engage in practical lab exercises focusing on telemetry and analytics.
• Join an online forum discussion to exchange insights and tips.

Week 5-6: Automation, Troubleshooting, and Security

Day 1 to 3: Automation and Programmability

• Objective: Incorporate automation into network assurance practices.
• Activities:
• Study Cisco’s documentation on network automation.
• Explore scripting and automation tools like Python and Ansible.
• Create basic automation scripts to manage network tasks.

Day 4 to 6: Troubleshooting and Security Assurance

• Objective: Diagnose and resolve network issues while ensuring security.
• Activities:
• Read Cisco’s troubleshooting guides.
• Watch videos on common network issues and their resolution.
• Implement security assurance practices in the lab and test for vulnerabilities.

Day 7: Comprehensive Review and Mock Exam

• Objective: Evaluate your overall preparation.
• Activities:
• Conduct a full review of all topics.
• Take a mock exam to simulate the test environment.
• Identify weak areas and revisit those topics.

Week 7: Final Preparation

Day 1 to 3: Focused Revision

• Objective: Deep dive into challenging topics.
• Activities:
• Revisit complex topics based on mock exam performance.
• Participate in focused study sessions with peers.
• Use flashcards for quick revision.

Day 4 to 6: 300-445 Practice Tests

• Objective: Build exam readiness.
• Activities:
• Take multiple ENNA practice tests to build confidence.
• Time yourself to improve speed and accuracy.
• Review explanations for any incorrect answers.

Day 7: Relax and Final Checks

• Objective: Ensure readiness for the 300-445 exam.
• Activities:
• Light revision of key points.
• Ensure all exam logistics are in place (ID, location, etc.).
• Rest and relax to be in the best mental state for the exam.

Benefits of Online Cisco 300-445 Practice Test

Exam Day Strategies for Cisco 300-445 ENNA

• Arrive Early: Plan to arrive at the exam center at least 30 minutes early. This allows you time to settle in, verify your ID, and relax before the exam starts.
• Read Questions Carefully: Carefully read each question and all answer choices. Look out for keywords and phrases that may alter the meaning of the question.
• Manage Your Time: Allocate a set amount of time for each question. If you get stuck, move on and return to it later if time permits. This ensures you don’t miss easier questions.
• Use Elimination Method: If unsure about an answer, eliminate the clearly wrong choices first. This increases your chances of selecting the correct answer from the remaining options.
• Stay Calm and Focused: Stay calm and maintain focus throughout the exam. Deep breathing exercises can help manage any anxiety and keep you centered.

Conclusion

Preparing for the Cisco 300-445 ENNA certification exam is a demanding but rewarding endeavor. By understanding the exam objectives, following a comprehensive study plan, engaging in hands-on practice, and adopting effective exam day strategies, you can significantly enhance your chances of success. This certification not only validates your expertise in enterprise network assurance but also opens doors to advanced career opportunities in the IT industry.

Start your preparation journey today, and remember, consistent effort and dedication are key to achieving your Cisco 300-445 ENNA certification. Best of luck!

Continue reading

Communications Compliance is Taking Center Stage in the Boardroom

Within the modern governance landscape in financial services, communications compliance has emerged as a critical issue, spurred by the staggering fines for unmonitored communications that have surpassed $2 billion USD in the United States alone. In February 2024, an additional 16 firms faced SEC fines totaling $81 million, signaling a zero-tolerance stance by regulators against compliance violations.

The Cisco and Theta Lake partnership, established in 2018, reflects a strategic response to these challenges. Theta Lake enhances the security and compliance features of Cisco’s Webex collaboration suite. This joint solution ensures institutions can safely harness the power of Webex’s functionalities, while significantly reducing the risk of penalties, increasing user satisfaction, and enhancing ROI (return on investment).

Theta Lake’s “Digital Communications Governance, Compliance, and Security Survey” for 2023/24, sheds light on the evolving landscape. With independent responses from over 600 IT and compliance professionals, the Theta Lake report reveals that 40% of firms have now elevated communications compliance to a board-level concern, underscoring the pressing demand for a revamped compliance and security framework for Unified Communications and Collaboration (UCC) tools that are integral to the modern workplace.

Why Are Firms Reevaluating Their Communications Compliance Strategies?

The survey indicates a widespread reassessment of communications compliance strategies in financial services, with 77% of respondents revising their approaches, 17% planning to do so, and 45% considering a complete overhaul. Traditional methods often fail to seamlessly capture, retain, and supervise across diverse communication platforms, leading to inefficiencies and compliance lapses. To counter these challenges, organizations are restricting key features that users want and need, inadvertently pushing employees towards unmonitored channels.

Theta Lake, in partnership with Cisco Webex, offers a purpose-built compliance, supervision, and security solution that integrates seamlessly across the Webex Suite, whether content is displayed, shared, spoken, or written. This solution brings significant value to leading organizations, including some of Webex’s largest customers—six of the top ten North American banks.

Where Should Organizations Begin When Overhauling Their Digital Communications Strategy?

Addressing compliance complexities requires a structured, proactive approach. In a rapidly evolving digital landscape, organizations must anticipate regulatory expectations and strategically overhaul their digital communications governance.

Cisco and Theta Lake recommend a three-point strategy:

• Effective Data Capture: Accurate and reliable record keeping starts by capturing the correct data at its source, along with its context and time of origin. This step is crucial for reconciliation and reporting.
• Record Navigation: With comprehensive record keeping across various channels, searching and navigating records and their interwoven communications becomes both possible and efficient.
• AI-Enhanced Compliance Scaling: AI (Artificial Intelligence) technology, specifically tailored for compliance, helps manage and oversee vast amounts of communication records, enabling institutions to identify and mitigate risks and maintain robust compliance standards.

Theta Lake: A Cisco SolutionsPlus Partner

The Cisco SolutionsPlus program features tested Cisco Compatible products. As a SolutionsPlus partner focused on collaboration and security, Theta Lake’s solution for the Webex Suite is available for purchase through the Cisco price list. This includes fully compliant capture, archiving (in existing systems or Theta Lake’s SEC-17a-4 compliant environment), and built-in policy-based AI-enabled risk detection/remediation/redaction capabilities for:

• Webex Calling & Customer Experience Essentials (New!): Voice Recordings, Business Texts (SMS), and Call Detail Records.
• Webex Meetings & Selective In-Meeting Communications: Video recordings, and selective archiving of any or all meeting components including audio or in-meeting eComms (such as chat, polling, Q&A, transcripts, and closed captioning).
• Webex Messaging: All content, replies, and reactions—including files and rich media (like images and GIFs).
• Polling/Slido: All content including polls, Q&A, surveys, and more.
• Webex Connect: Archiving & supervision support of log exports via SMTP or Rest API for SMS and omnichannel content.

In an era of intense regulatory oversight, Cisco and Theta Lake’s joint solutions have transitioned from a strategic asset to an essential requirement for financial services organizations aiming to ensure robust communications compliance.

Source: cisco.com

Continue reading

Protecting Against regreSSHion with Secure Workload

On July 1, 2024, the Qualys Threat Research Unit (TRU) disclosed an unauthenticated, remote code execution vulnerability that affects the OpenSSH server (sshd) in glibc-based Linux systems.

Now we have seen how CVE-2024-6387 has taken the internet by storm, making network security teams scramble to protect the networks while app owners patch their systems.

Secure Workload helps organizations get visibility of application workload traffic flows and implement microsegmentation to reduce the attack surface and contain lateral movement, mitigating the risk of ransomware.

Below are multiple ways in which Secure Workload can be leveraged to get visibility of affected application workloads and enforce segmentation policies to mitigate the risk of workloads being compromised.

1. Visibility of SSH Traffic Flows

According to the Qualys Threat Research Unit, the versions of OpenSSH affected are those below 4.4p1, as well as versions 8.5p1 through 9.8p1, due to a regression of CVE-2006-5051 introduced in version 8.5p1.

With Secure Workload, it is easy to search for traffic flows generated by any given OpenSSH version, allowing us to spot affected workloads right away and act. By using the following search attributes, we can easily spot such communications:

◉ Consumer SSH Version

◉ Provider SSH Version

Figure 1: Visibility of OpenSSH version from Traffic Flows

2. Visibility of OpenSSH Package Version in Workloads

Navigate to Workloads > Agents > Agent List and click on the affected workloads. On the Packages tab, filter for the “openssh” name and it will search for the current OpenSSH package installed on the workload.

Figure 2: OpenSSH package Version

3. Visibility of CVE-ID Vulnerability in Workloads

Navigate to Vulnerabilities tab, and a quick search for the CVE ID 2024-6387 will search the current vulnerabilities on the workload:

Figure 3: Vulnerability ID Information Per Workload

4. Mitigating Risk of regreSSHion

Once the relevant workloads are spotted, there are three main avenues to mitigate the risk: either by microsegmenting the specific application workload, implementing organization-wide auto-quarantine policies to proactively reduce the attack surface, or performing a virtual patch with Secure Firewall.

◉ Microsegmentation: Microsegmentation policies allow you to create fine-grained allow-list policies for application workloads. This means that only the specified traffic flows will be permitted, denying any other traffic that might be generated from the workload.

Figure 4: Microsegmentation Policies For Affected Application Workload

◉ Auto-Quarantine: You can choose to implement organization-wide policies to reduce the attack surface by quarantining workloads that have installed a vulnerable OpenSSH package or are directly affected by the CVE ID.

Figure 5: Organization-Wide Auto-Quarantine Policies

◉ Virtual Patch: If quarantining a workload is too disruptive to the organization (e.g., business-critical applications or internet-exposed applications), you can perform a virtual patch with the help of Cisco Secure Firewall to protect the application workloads against the exploit while still maintaining connectivity for the application.

Figure 6: Virtual Patch with Secure Firewall Connector

Figure 7: Vulnerability Visibility and IPS Signature in FMC

5. Process Anomaly and Change-In Behavior Monitoring of regreSSHion

Even in the scenario where a workload is compromised, Secure Workload offers continuous monitoring and anomaly detection capabilities, as shown below:

◉ Process Snapshot: Provides a process tree of existing runtime processes on the workload. It also tracks and maps running processes to vulnerabilities, privilege escalation events, and forensic events that have built-in MITRE ATT&CK Techniques, Tactics, and Procedures.

Figure 8: Process Snapshot of Affected Workloads

◉ Forensic Rules: Secure Workload comes with 39 out-of-the-box MITRE ATT&CK rules to look for techniques, tactics, and procedures leveraged by adversaries. It is also possible to create custom forensic rules to track certain process activities, such as privilege escalation performed by processes. The system can also generate alerts and send them to the Secure Workload UI and SIEM systems.

Figure 9: Example Manual Forensic Rule Creation (left) and Built-In Mitre ATT&CK Rules (right)

Source: cisco.com

Continue reading