Cisco Blogs


Cisco Blog > Security

Walking in a Winter Wonderland

It is not uncommon to see an anti-spam system catch >99% of the spam passing through it. Most of the best anti-spam systems catch >99.9% of spam. In this environment, spammers try just about anything to evade spam filters. Some spammers believe that blasting at high volume is the key to success. Others believe complete randomization of the message headers will confuse the anti-spam system. Still others take a minimalist approach, sending only a URL in the body. As anti-spam systems close gaps in their coverage, spammers are forced to find new tricks (or resort to variations on old tricks). It’s an arms race.

Screen-Shot-2014-05-24-at-5.24.29-AM-300x224One spam technique in particular is attracting more and more spammers. This technique is known in the email industry as “snowshoe” spam. Snowshoes are footwear that allows a person to walk over deep snow by distributing their weight over a larger surface area, thus preventing the wearer’s foot from sinking. But what do snowshoes have to do with unsolicited bulk email? In the email world “snowshoe” spam is unsolicited bulk email that is sent using a large number of IP addresses, and at a low message volume per IP address.

Cisco’s worldwide sensor network records details about a substantial quantity of spam. We analyze this large dataset for trends among senders. Below is a breakdown of spam by sender type. Note that the volume of snowshoe spam has more than doubled since November 2013.

Screen-Shot-2014-05-24-at-4.38.13-AM-300x105

Spam broken down by Sender Type

Read More »

Tags: , , ,

Cisco UCS PowerTool Scripting Contest – Winners Announced

May 30, 2014 at 4:34 am PST

To highlight the power and ease of use of the UCS PowerTool SDK and XML, a Windows PowerShell scripting contest was run from March 27th to May 11th. Championed by Technical Marketing Engineers Eric Williams and Jeff Foster, the contest exceeded its goals with 24 scripts submitted.

The most popular category was configuring a new UCS domain from scratch with five different entries. Most notable was Cisco Customer Solutions Architect Chris Carter who had never written a script before. In his words:

“I have never written a script using any method prior to this one, and because of the power of the ConvertTo-UCS cmdlet, I was able to write the entire script in about a week.

For me, this was the real power of the tool… an amateur like me, having zero experience, writing a script that fully configured an environment from scratch, following all best practices developed jointly by Cisco and Citrix.”

The true power of the tool was shown by scripts that integrated with UCS Central, NetApp storage, Microsoft SQL, and LDAP.

So who were the winners? Joshua Barton was the grand prize winner for his UCS Backup script and was also an intermediate prize winner. The other intermediate prize winners were Alberto Yanes and Matt Oswalt (check out his Keeping it Classless blog!).

We again want to thank the judges who helped with the contest: Jeffrey Snover, Rob Willis, Don Jones, Thomas Maurer, and Hal Rottenberg (shown below on stage with me at the Cisco Live awards ceremony).

Cisco Live Scripts Award Ceremony

Go check out all the great scripts on the Cisco Community.

Call to Action! Share these scripts and submit new scripts on the Community.

OpenStack Gains Momentum with Users at Recent Summit

Cisco highlighted its support for OpenStack at the recent OpenStack Summit in Atlanta, which hosted 4500+ attendees and included many more users, in addition to the developers and operators that have dominated past conferences.  A common theme among keynote presentations was the speed and flexibility of IT required to support the clouds that will soon dominate commerce and communication worldwide.  The effort underway to improve stability was also a recurring discussion topic.

OpenStack Summit, May 12-15 in Atlanta

OpenStack Summit, May 12-15 in Atlanta

From its beginning as an open source project at NASA, the OpenStack movement has grown as an open alternative to propriety cloud services and applications.  The Summit serves as a forum for those interested in hashing out the direction and adoption of the model and standards, as well as a learning opportunity for those ready to build and deploy on them.

Keynote speakers from Wells Fargo and Disney helped transition the Summit from an academic exercise to a forum for learning how innovative companies are taking control of their cloud environments.

Glenn Ferguson, Head of Private Cloud Enablement for Wells Fargo, described the compliance, auditing and governance Wells requires in its private cloud, that aren’t available in public cloud offerings.  Wells has designated OpenStack their “cloud infrastructure model” to facilitate rapid deployment of infrastructure to meet application developers’ needs and requires all IT vendors to work within the OpenStack specifications. “This is something we have to do to remain agile and competitive in this environment,” Ferguson said.  “Our infrastructure needs to keep pace with the software.”

Chris Launey, Disney’s Director of Cloud Architectures and Services, was blunt in how he described the value of speed.  “If you’re a business that deals in any kind of information, you need speed (to thrive.)  “If you give (developers) their own ‘fast’, they’ll make their own ‘cheap’ by getting their product to market quickly and responding to customer demands.  And (they’ll) make their own ‘good’ by shrinking development cycles and introducing improvements more often, until they reach a virtual continuous cycle of improvements.”

The OpenStack Foundation divides the work into individual projects focused on the various cloud components: servers, object-based storage, networking infrastructure, security, etc.  Proponents are excited about the innovation that can be unleashed when developers are freed from having to worry about the complexities associated with underlying infrastructure and can focus on the innovation of cloud services and applications.

Cisco was highly visible at the Summit, drawing standing-room-only crowds to sessions in the Networking Track,  as network stability and scalability are top-of-mind for users deploying critical applications and services to an open source cloud.

Lew Tucker, Cisco Vice President and CTO for Cloud Computing and Vice-Chair of the OpenStack Foundation, painted a picture of what is possible in his presentation “Open Stack and the Transformation of the Data Center.”  He described how the data center is becoming a large, highly automated “fabric” consisting of interconnected physical systems and virtualized services.  In this environment, OpenStack acts as a platform for building a highly efficient cloud, providing management of diverse infrastructure “below” and orchestration of a vast set of application services “above”.

Lew Tucker, Cisco VP and CTO of Cloud Computing

Lew Tucker, Cisco VP and CTO of Cloud Computing

Cisco’s key contribution to OpenStack has been participation in the development of Neutron, the OpenStack Networking Service.  There is clearly a need to have the same level of visibility and management flexibility that Cisco has been offering its customers in an open source cloud model.  In addition to driving connectivity generally, Cisco has received approval on blueprints for plugins to integrate VPN- and Firewall-as-a-Service as part of OpenStack networking.  (Referred to as Network Function Virtualization (NFV) plugins.)  Cisco is also working on the integration of OpenStack Neutron with OpenDaylight, a separate project started to focus specifically on network programmability.  Cisco’s extensive work in the open source community will bring even greater value to its existing customers by extending the ecosystem of solutions integrated with Cisco products.

In the Expo Hall, Cisco highlighted the integration of its networking, compute and management products with OpenStack APIs, demonstrating:

If you missed the Summit, check out the Session Videos and Slides to deep-dive presentations by Cisco contributors, presented at the Atlanta Summit 2014:

Tags: , , , , , , , , ,

Cisco UCS® Claims SAP SD and SPECjbb 2013 World- Record Benchmarks

Cisco UCS continues its tradition of performance leadership with the announcement of three world –record benchmark performance results:

  1. Cisco UCS B260 M4 blade servers achieved the best 2-processor 2-tier SAP Sales and Distribution (SD) Benchmark performance
  2. Cisco UCS C460 M4 Rack Server set new world-record SPECjbb®2013 MultiJVM 4-socket max-jOPS performance result.
  3. Cisco UCS  B260 M4 Blade Server claimed  a new world-record SPECjbb®2013 MultiJVM 2-socket x86/64 max-jOPS performance result

Let’s take a closer look at each of these world-record benchmark performance results:

1.      World-Record: Fastest Two-Processor Result for SAP

Cisco UCS B260 M4 blade servers delivered the best 2-processor SAP Sales and Distribution (SD) Benchmark result, in a two-tier configuration, with performance accelerated by Cisco UCS Invicta™ Series Solid State Systems. The Cisco UCS B260 M4 Blade Server running Microsoft Windows Server 2012 delivered a world-record two-tier SAP SD Benchmark result on SAP Enhancement Package 5 for SAP ERP 6.0 and Microsoft SQL Server 2012. The solution supported 12,280 SAP SD Benchmark users while maintaining a consistent application response time of less than one second. Published results can be found on the SAP website at http://global.sap.com/solutions/benchmark/sd2tier.epx, SAP SD Benchmark Result Certificate Number 2014018.

Cisco UCS B260 M4 delivered a SAPS score of 67,020. This result is an 18 percent improvement over the 54,700 SAPS score delivered by IBM x3690 X5 servers configured with previous-generation processors and a 22 percent improvement over an IBM FlexSystem p260 running two IBM POWER 7+ processors as reflected in the graph below:

SAP SD 2014

Check out the Performance Brief for additional information on the benchmark configuration. The detailed official benchmark disclosure report is available at the SAP website.

 2.       The Same Processors: Greater SPECjbb2013 Performance with the Cisco UCS C460 M4

Cisco UCS C460 M4 Rack Server captured the top 4-socket MultiJVM score for maximum Java operations (max-jOPS)  with results of 201,117 max-jOPS and 52,784 critical-jOPS.

The test configuration consisted of a controller and four groups, each consisting of a transaction injector and back end, all running across nine JVM instances within a single operating system image. The JVM instances ran on a Cisco UCS C460 M4 Rack Server powered by four 2.8-GHz, 15-core Intel Xeon processor E7-4890 v2 CPUs running the Red Hat Enterprise Linux (RHEL) 6.5 operating system and 64-bit Oracle Java HotSpot Virtual Machine (VM) server on Linux Version 1.8.0.

The benchmark results of 201,117 max-jOPS and 52,784 critical-jOPS place the Cisco UCS C460 M4 at the top of the max-jOPS scores for 4-socket servers running multiple JVMs  and outperforms the Dell PowerEdge R920 and HP ProLiant DL580 Gen8 servers, as shown in the graph below:

SPECjbb 4 socket 2014

Check out the Performance Brief for additional information on the benchmark configuration. The detailed official benchmark disclosure report is available at spec.org website.

 3.      Cisco Improves Performance by Up to 47 Percent in World-Record SPECjbb2013 Results

Cisco UCS  B260 M4 Blade Server captured the top 2-socket x86/64 MultiJVM score for maximum Java operations (max-jOPS)  with results of 91,499 concurrent Java operations per second and 30,021 concurrent critical Java operations per second on SPECjbb2013.

The Cisco configuration consisted of a controller and two groups, each consisting of a transaction injector and back end, all running across multiple JVM instances within a single operating system image. The JVM instances ran on a Cisco UCS B260 M4 Blade Server powered by two 2.8-GHz, 15-core Intel Xeon processor E7-4890 v2 CPUs running the Red Hat Enterprise Linux (RHEL) 6.4 operating system and Oracle Java HotSpot 64-Bit Server Virtual Machine (VM) on Linux Version 1.8.0.

The benchmark result of 91,499 max-jOPS and 30,021 critical-jOPS places the Cisco UCS B260 M4 at the top of the max-jOPS scores for 2-socket x86/64 servers running multiple JVMs  delivering  a 47 percent increase in SPECjbb®2013 max-jOPS and a 28 percent increase in critical-jOPS compared to Cisco’s recent results with the Intel Xeon processor E5 v2 powered servers as depicted in the graph below:

SAP 2-socket 2014

Check out the Performance Brief for additional information on the benchmark configuration. The detailed official benchmark disclosure report is available at spec.org website.

These results join the more than 90 previous world-record performance results set by Cisco UCS since it was announced five years ago. Many of these world-record results use real-world workloads, including business applications, Java middleware, database performance, high-performance computing, and virtualized and cloud computing environments. Check out the Cisco UCS Performance Benchmarks website for additional details.

For additional information on Cisco UCS and Cisco UCS solutions please visit Cisco Unified Computing & Servers web page.

Competitive claims based on results posted at http://www.spec.org/, and at http://www.cisco.com/c/en/us/products/servers-unified-computing/industry_benchmarks.html as of 05/29/2014. SPEC and SPECjbb are trademarks or registered trademarks of Standard Performance Evaluation Corporation.

SAP Results referenced are from the SAP website at http://global.sap.com/solutions/benchmark/sd2tier.epx and are current as of 5/29/2014: Cisco UCS B260 M4, 2 Processors / 30 Cores / 60 Threads, Intel Xeon Processor E7-4890 v2, 2.8 Ghz, 64 KB L1 cache and 256 KB L2 cache per core, 37.5 MB L3 cache per processor, 512 GB of main memory, Microsoft Windows Server 2012 Datacenter Edition, Microsoft SQL Server 2012, and SAP Enhancement Package 5 for SAP ERP 6.0; certification number 2014018, IBM Flex System p260 Compute Node, 2 processors, 16 cores, 64 threads, IBM POWER7+, 4.10 GHz, 32-KB (I) and 32-KB (D) L1 cache and 256-KB L2 cache per core, 10- MB L3 cache per core, 256 GB of main memory, IBM AIX 7.1, IBM DB2 10, and SAP Enhancement Package 5 for SAP ERP 6.0; certification number 2012035, IBM System x3690 X5, 2 processors, 20 cores, 40 threads, Intel Xeon processor E7-2870, 2.40 GHz, 64- KB L1 cache and 256-KB L2 cache per core, 30-MB L3 cache per processor, 256 GB of main memory, Microsoft Windows Server 2008 Enterprise Edition, IBM DB2 9.7, and SAP Enhancement Package 4 for SAP ERP 6.0; certification number 2011032

Girish Kulkarni

Senior Marketing Manager,

Unified Computing System 

gikulkar@cisco.com

Tags: , , , , ,

The Value of Cisco Live – 7 reasons you need to go

I’m back from my first Cisco Live which was in San Francisco. It was a great experience and I hope to be back for many more events. Why should one go to Cisco Live? Here are my reasons:

1. Sessions – Cisco Live has a great variety of sessions with amazing speakers such as Denise Fishburne, Scott Morris, Pete Lumbis, Shelly Cadora, Shannon McFarland and many more. You can get deep dives into protocols, the inner workings of different Cisco platforms or sessions on the future of networking relating to topics such as SDN.

The best part is that after the session you can meet with these speakers and ask them questions. Don’t be afraid to interact with the speakers, maybe you will even keep in touch after the session. To make sure that your favourite speakers come back, fill out the surveys! Read More »

Tags: , , , ,