Avatar

Hunger is the world’s #1 health risk, with 1 in 7 people going hungry worldwide. Hunger kills more people every year than AIDS, malaria, and tuberculosis combined. Close to 900 million people do not have enough to eat and 98 percent of them live in developing countries. Even in developed countries like the United States, 15 percent of households are food insecure, meaning its members have uncertain access to adequate and safe food.

While hunger is considered the key global challenge of our time, it is also believed to be the world’s greatest solvable problem. Apart from the immediate suffering it causes to the millions without enough food, hunger is also holding back progress on such social issues as health and education. Yet, no scientific breakthroughs are needed to solve hunger. The knowledge, tools, and resources that we have in the world today, combined with good will, can solve this problem.

Continue reading “Working Together to Solve the World’s No. 1 Health Risk”



Authors

Sandra Wheatley

Director

Global Community Affairs

Avatar

Cisco has been the leader in virtual networking since the introduction of Nexus 1000V virtual switch more than 5 years ago.  Now it is time to make the virtual network more application aware.  With the introduction of the Application Centric Infrastructure (ACI), we are pleased to introduce the Application Virtual Switch (AVS), the virtual network edge of the Cisco ACI -enabled network that includes the Nexus 9000 series of switches.

In the ACI architecture, applications drive networking behavior, not the other way around. Pre-defined application requirements and descriptions (“policy templates”) automate the provisioning of the network – virtual and physical, application services, security policies, tenant subnets and workload placement. Automating the provisioning of the complete application network reduces IT costs, reduces errors, accelerates deployment and makes the business more agile.

Application Virtual Switches are the purpose-built, hypervisor-resident virtual network edge switches designed for the ACI fabric. They provide consistent virtual networking across multiple hypervisors to simplify network operations and provide consistency with the physical infrastructure.

  • AVS is robustly integrated into the ACI architecture and supports Application Network Profile (ANP) enforcement at the virtual host layer consistent with the Nexus 9000 series physical switches.
  • AVS is managed centrally along with rest of the ACI fabric components through the Application Policy Infrastructure Controller (APIC) and provides advanced telemetry features to allow end-to-end visibility and troubleshooting capabilities across both virtual and physical devices, .
  • AVS enables optimal traffic steering between virtual and physical layers of the fabric to maximize performance and resource utilization. For example, if the web and app tier are located on the same host, AVS can route traffic or apply security policies between these end point groups within the hypervisor itself.  On the other hand, if the database is a bare metal workload that is attached to the physical Nexus 9000, the application policy is consistently applied at the physical Nexus 9000 top of rack switches instead.
Application Centric Infrastructure with Application Virtual Switch
Application Centric Infrastructure with Application Virtual Switch

ACI eliminates the operational complexity of differences in managing virtualized environments vs. bare metal or legacy environments. It provides a consistent operational model across both AVS and Nexus 9000 respectively.  ACI also allows for flexibility of placement of application workloads based on application requirements. Watch this short video.

Continue reading “Introducing Cisco Application Virtual Switch – Extending Virtual Networking to Applications”



Authors

Balaji Sivasubramanian

Director, Product Management

UCS

Avatar

If you have been following the news, I’m sure you saw that Cisco just introduced Application Centric Infrastructure (ACI). Combine ACI with Cisco UCS Director and you can provision and deliver application-centric infrastructure automatically.

insieme

Over the past 11 months, I have discussed how Cisco UCS Director reduces data center complexity with unified automation and management of multi-vendor converged and integrated infrastructure systems. But the provisioning of compute, storage and network resources is just the start. IT needs to deliver infrastructure that is tailor-made for the specific applications their users need. Together with ACI, Cisco UCS Director has key capabilities to make this happen.

Continue reading “Automation and Application-Centric Infrastructure”



Authors

Joann Starke

No Longer with Cisco

Avatar

We’re in November now, so of course it’s getting chilly outside – even here in California! This means the holidays are right around the corner and retailers are gearing up for their busiest time of year. A growing trend these days is that more than half of holiday shoppers with smartphones plan to use these devices while shopping (53.8%, National Retail Federation). What better motivation for retailers to increase sales in all of their stores this season than by enhancing customers’ shopping experience with something like Facebook?

On the other side of town unfortunately, the holiday season goes hand-in-hand with the sniffling and coughing brought on by the winter cold and flu season. As usual, doctors will expect an influx of patients in their offices in the coming months. IT staff at hospitals need to prepare for the increased medical data traversing through the network and beyond.

Cisco UCS E-series on the ISR-AX is a consolidated solution in a single platform. With this solution, retailers can virtualize and host POS, video surveillance, and other applications.  Doctors in medical offices of any size can focus on taking care of their patients rather than worry about the network slowing them down.

Continue reading “UCS E-Series: A Platform for Innovation | Inside the Branch”



Authors

Jolene Tam

Product Marketing Manager

Security

Avatar

connect1With the explosion of smart mobile devices, consumers expect to have Wi-Fi access at pubic venues everywhere they go. Venue owners are under pressure to provide reliable Wi-Fi guest access in a simple and easy way. Wouldn’t it be great to be able to do that AND extract some value out of your investment in setting up the Wi-Fi network as well? Cisco Connected Mobile Experience (CMX) is an industry leading solution provides just that: an easy, customizable and location-aware way to onboard guests using CMX Connect, an ability to gain insights into guest behaviors using CMX Location Analytics and an opportunity to engage guests in meaningful ways using CMX Browser Engage.

With MSE Release 7.6 coming out later this year, we wanted to give you a closer look at new feature CMX Connect.  Continue reading “CMX Connect – An Innovative, Location Aware Guest Captive Portal”



Authors

Reddy Babu Adarapu

Techinal Leader

Avatar

Now that we’ve announced the Cisco Application Centric Infrastructure (ACI), everyone is trying to come up to speed quickly on this new fabric architecture and the power that this revolutionary application-centric model will bring to data center and cloud automation. One of the best insights to ACI I have seen comes in the form of a 140 char tweet from Insieme TME Joe Onisick (he also blogs at definethecloud.net) who says, “Building intelligent networks is a fool’s errand. Build a network to take orders, then teach it to do so in a business relevant language.” If you truly understand that, you’ll easily grock ACI. The rest are implementation details.

Joe Onisick tweet

What ACI has done is backed off from all the network complexity in trying to build more and more intelligence directly in the fabric. Building the network to be externally automated can centralize the intelligence and control, while simplifying the design and operations of the fabric greatly (also a goal of SDN, by the way). But what’s really new about ACI is that the programmability and orchestration of the infrastructure (how it takes the orders) is now done in a business-relevant policy language/model.

In a pre-launch post, I looked at why application policies were an ideal model to build infrastructure automation around, and how application policies are better suited to mirror business objectives and requirements than traditional IT infrastructure policies. The fact is that applications are the brains of the business and best reflect the activity and dynamic requirements of the business. Application policies are inherently business-relevant. The key benefits for customers end up being vastly greater degrees of automation, process improvement and business agility. [Note: It will be left as an exercise for the reader to prove that OpenFlow, e.g., is not a business-oriented policy language.]

Continue reading “Application Centric Infrastructure (ACI): Application Network Profiles for Security and Network Services”



Authors

Gary Kinghorn

Sr Solution Marketing Manager

Network Virtualization and SDN

Avatar

My company is in the very early stages of an MDM BYOD project.  As part of that we are looking at the Cisco Identity Service Engine (ISE) as a central piece.  I am about half way through my testing and I thought that I would pass on some of what I have learned so far.  I am far from being an ISE expert and I don’t mention profiling or the advanced features in this post. I have tried them but don’t feel knowledgeable enough to go into these details.

ISE

ISE is an excellent NAC system but it does much more than that.  One of the advantages of trying to configure a new piece of technology yourself is that you learn much more and also other ways to increase the ROI.  The main reason we are interested in ISE is as the enforcement point on our wireless network.  When a device tries to connect to our BYOD network we want ISE to query the MDM server to verify if the device is registered and if not to redirect the device to the MDM provisioning portal.  If the device is registered with MDM ISE will then query AD and verify the user credentials.  This is a core function of ISE and went fairly well. Continue reading “Cisco ISE in the lab.



Authors

William Maguire

Wireless Network Engineer

Avatar

We have detected evidence of a malware distribution campaign using messages masquerading as UPS delivery notification emails. These campaigns attempt to deceive the targets into thinking they are receiving mail from a trusted sender in order to dupe the recipient into installing malware, possibly for financial gain. Once the initial attack vector is installed, further malware may be distributed.

This  appears to be part of the same campaign seen by MalwareMustDie (http://pastebin.com/n244xN32) and uses the email subject “UPS Delivery Notification Tracking Number”. We have seen a limited number of customers receiving this spam starting yesterday (Tue Nov 5), suggesting that this is a fairly low volume campaign (at the moment). The message contains an attachment with a filename such as “invoiceU6GCMXGLL2O0N7QYDZ” and extension .txt or .doc which is a disguised rtf file.

Section of the mail attachment containing rtf objocx tag
Section of the mail attachment containing rtf objocx tag

According to our analysis the malware attempts to download additional files by exploiting CVE-2012-0158 affecting old versions of Microsoft Office, which is detected by Cisco IPS signature 1131 and is available as a Metasploit module. In this case the malware being distributed seems to be a form of ransomware. Ransomware typically encrypts files on an infected machine and requires the user to pay for the release of their data. This particular piece of ransomware appears to be distinct from the samples we have been seeing as part of the Cryptolocker campaign, but comes in the wake of increased interest and discussion of this kind of attack.

    Attached malware making a request to the control server at 199.16.199.2
Attached malware making a request to the control server at 199.16.199.2

As ever, users should remain vigilant when opening email links and attachments, and be wary of a message purporting to be an automated order confirmation from a company such as FedEx and UPS, as this is a common tactic which has also been identified as a possible method for distributing Cryptolocker.

Additional analysis of this attack can be found here: http://bartblaze.blogspot.com/2013/11/latest-ups-spam-runs-include-exploits.html

Malicious rtf:   7c2fd4abfe8640f8db0d18dbecaf8bb4

Downloaded exe:     e5e1ee559dcad00b6f3da78c68249120

 

Thanks to Cisco researchers Craig Williams and Martin Lee for assistance with this post.

 



Authors

Andrew Tsonchev

Outreach

TALOS

Avatar

What if your biggest challenge in learning math was that you could not understand the words that the teacher used to convey math concepts? That the language in the math book was not your first language? Or that your learning disability involved difficulties with words and reading?

Dr. Matthew Peterson, co-founder and COO of MIND Research Institute, knows what that’s like. He is dyslexic. But after completing an undergraduate triple major and a Ph.D. in visual neuroscience, he decided to try to figure out a way to teach math that minimizes the use of words, but maximizes student understanding and achievement.

 

Dr. Peterson’s stunning innovation is called ST Math, a web-based, self-paced software program that uses language-free animation to help students grasp key math concepts. This resource is offered to students in addition to regular classroom instruction, twice a week.

It turns out that all students, regardless of language or culture of origin, gender, and in some cases even learning disability, do far better at math when they have additional help from solving the ST Math exercises.

As we outlined in an earlier blog post, Cisco’s initial expansion support for ST Math in Silicon Valley and in Arizona has shown strong student performance gains of double to triple growth in math proficiency. Our newly supported 22-school Virginia ST Math pilot sought to replicate these successful outcomes.

Continue reading “Removing Language Barriers from Math Education Improves Student Achievement”



Authors

Peter Tavernise

Climate Impact and Regeneration Lead

Director, Cisco Public Benefit Investment