Cisco Blogs


Cisco Blog > Security

7-Day Forecast: Bundle Up!

It’s that time of year again—consider this post your friendly T-7 notice to start preparing for the final Cisco IOS Software Security Advisory Bundled Publication of 2013! As a reminder, the Cisco Product Security Incident Response Team (PSIRT) releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of March and September each calendar year. As is the case with the vast majority of our advisories, vulnerabilities scheduled for disclosure in these upcoming Security Advisories will normally have a Common Vulnerability Scoring System (CVSS) Base Score from 7.0 to 10.0.  Cisco security publications that disclose vulnerabilities scoring lower than 7.0 are described in our Cisco Security Vulnerability Policy. Read More »

Tags: , , , , ,

The Making of TechWiseTV Episode 133; Call Center Software…Experence Matters…

It’s certainly true that voice isn’t my favorite technology. Not that is bad or that I dislike it…it just doesn’t hold my interest like routing and switching or data center or even wireless. Man I just fall all over myself on that stuff!! When we are asked to do a TechWiseTV episode, the first thing I do is go back and watch any previous shows that we had before. After watching the Contact Center shows I came to one glaring conclusion; I don’t get it.

<insert ego here> Sure I understand the technology well enough. Also how to implement it and really support it like an IT geek should. I just didn’t understand WHY things like Social Miner, Stats, Desktop deployment were any more important than anything else. So for example; if desktop layout is so important, use a thin client and roll ‘um out. Or if stats and tracking is so important then buy a projector, write script and display that stuff on the wall man. Why is this a real selling feature?

So I contacted a peer of mine that works in a Call Center and I volunteered to work an eight hour shift (from 7PM to 4AM…Yowza…)  to see what it’s like and how users actually use the product in a production environment. I wanted to work in a non Cisco environment to get an untainted experience so that I would be better prepared to really analyze what we did and did not do.  He gladly took me in and after about an hour of online training and two hours of strictly supervised mentorship, I added my name to the “score board” and logged in as “Jimmy Ray” with a dreams off earning a green up arrow showing that I was moving up the leader board.

Wholly smokes! What an eye opening experience. First off, the turnover rate of staff is huge. I had three new folks also starting with me.  It’s not because of the management. Heck, they are actually very cool. Giving out bonuses, prizes right on the spot. Anything to keep their employees happy. I was impressed and surprised because I was expecting to be yelled at, hard drove to stay on the phone all the time, stick to the script, but no folks worked hard to win stuff and compete with each other.  The team of folks that manage the phones come from all walks of life. In one shift I met folks fresh off divorces, two laid off PhD’s from a medical company up the road, a few recent college grads, former educators, etc…basically, high quality folks looking to take a Mulligan and move on to the next phase of life.

To sum up my phone experience, it’d go like this; being yelled at, hung up on, cursed at, air horns and whistles  blew into the phone and loathed more than the United States Congress. Why? because I’m interrupting their chillin’ at home and sometime work life and boy howdy they like me know real quick by not be friendly or patient. Hey I worked as a product developer, a presales engineer and was in the United States Navy so I can handle rejection and being cussed at well. But man alive hearing not just “No” but some tasty cuss words can take its toll on your attitude and overall morale.

Wow! Now I get it. Certainly 8 hours does not make me an expert. It did really change my viewpoint. On the drive back to the Code Cave, I called Robb and woke his butt out of bed and told him we need to reformat this show.  He mumbled something about gummy bears driving on the A10 in Norwich then hung up the phone. I understand why call center users need to have a dynamic desktop that we can update with apps as skill levels/responsibility changes. I understand why an IT department wants to have a solution they can tweak on the fly without calling in a bus load of consultants. I understand why managers know that a call center is expensive to a company and the need to have customized reports in a ton of different formats to show success or failure. Even the ability to scale and add features with limited servers I knew would be important on really any network discipline.  However, in a normal call center solution takes 17+ servers with a strict mandate of “Don’t Touch These” from the consultants that seemed to be more like staff and consultants to be honest. Reminded me a lot of the old main frame days. Come on man!!

Take a look at this episode of TechWiseTV.  It airs on Thursday 19Sep2013. It’s a little different based upon me coming off this experience.  Robb and I formatted this show not based on an all IT experience, but a true usability story. The Contact Center team is really a great group of folks. I have had the pleasure of working with a lot of teams in our seven years of doing TechWiseTV. Without a doubt, the Contact Center team is one of my favs. The team is great, they honestly listen to customer feedback with a pencil to see what they can change. Although Cisco is a large company, this team moves with the nimbleness of a small startup. Watch this episode and even attend our follow on workshop http://www.ciscoworkshops.com If you need a call center solution, I betcha you’d really like the solutions package and licensing they come up with.

Oh…and if your phone rings during suppertime…cut ‘um a little slack…it’s a tough gig for sure.

Jimmy Ray Purser

Trivia File Transfer Protocol

Clarence Birdseye founded his frozen food empire with $7. It bought him an electric fan, cakes of ice, and buckets of brine.

Watering-Hole Attacks Target Energy Sector

Beginning in early May, Cisco TRAC has observed a number of malicious redirects that appear to be part of a watering-hole style attack targeting the Energy & Oil sector. The structure consists of several compromised domains, of which some play the role of redirector and others the role of malware host.

Observed watering-hole style domains containing the malicious iframe have included:

  1. An oil and gas exploration firm with operations in Africa, Morocco, and Brazil;
  2. A company that owns multiple hydro electric plants throughout the Czech Republic and Bulgaria;
  3. A natural gas power station in the UK;
  4. A gas distributor located in France;
  5. An industrial supplier to the energy, nuclear and aerospace industries;
  6. Various investment and capital firms that specialize in the energy sector.

Encounters with the iframe-injected web pages resulted from either direct browsing to the compromised sites or via seemingly legitimate and innocuous searches. This is consistent with the premise of a watering-hole style attack that deliberately compromises websites likely to draw the intended targets, versus spear phishing or other means to entice the intended targets through illicit means.

Read More »

Tags: , , , , ,

EuroMPI’13 Cisco slides: Open MPI Process Affinity User Interface

September 18, 2013 at 5:17 am PST

The slides below are from my presentation at EuroMPI’13 about Open MPI’s flexible process affinity interface (in OMPI 1.7.2 and later).  I described this system in a prior blog entries (one, two, three), but many people keep asking me about it.

Josh Hursey from U. Wisconsin, LaCrosse, wrote this IMUDI paper about the interface (IMUDI is a sub-workshop of EuroMPI focusing on end-user issues) to get a little more publicity and awareness of this process affinity system.  Specifically, we designed this affinity system so that we could get feedback from real end users about what is useful and what is not.

Read More »

Tags: , , , , ,

#ExecInsights: Transforming Tomorrow’s Smart Cities… Today

This past week, the Meeting of the Minds convened in Toronto, Canada with more than 375 invited CXOs debating the convergence of urban sustainability and connected technologies. During the three-day summit, a variety of smart public policies and breakthrough technology innovations were presented by leading innovators.

The solutions showcased– from lighting to energy grids to parking – are all designed to enable cities and metro-regions to better respond to increasingly complex challenges: urban planning, city design, network technology and infrastructure. As a keynote speaker, I had the opportunity to address a topic that was top of mind for many of these leaders – The Smart City Powered by the Internet of Everything (IoE).

Read More »

Tags: , , ,