“Fire drills. Box-by-box management. Sometimes, it’s about searching for a needle in a haystack,” says Nick[1], a network administrator, as he summarizes his typical workday over our coffee break. “I’m perpetually behind,” he adds. After a few sips, Nick starts to pour out his laundry list of frustration. (And oh boy, it’s an ugly list.)
Meetings after meetings. It never ends.
After meetings, then comes the fire fighting: tool malfunction, virus, security breach, degrading user experience, the list goes on.
On a good day, more than half of it is spent on configuring tools or provisioning new apps.
On a bad day, on top of fire drills, hours are spent justifying operational simplicity and ROI to management in order to maintain an ever-decreasing IT budget.
“It would be nice,” Nick interjects, “if I could easily manage the network like that (snapping his fingers) so I have more time on strategic stuff – like enabling business innovation and driving more value for my stakeholders (his employees and customers).”
When we say interoperability we mean it. Even when that means supporting proprietary protocols. For instance, to ensure that Microsoft Lync and Skype for Business users can fully experience the power of Cisco conferencing.
IDC released the IDC MarketScape: Worldwide Unified Communications and Collaboration 2015 Vendor Assessment last month. In it, Rich Costello notes that Cisco is “perennially the worldwide market share leader in enterprise IP telephony solutions, as well as advanced capabilities such as telepresence, Web conferencing services, and enterprise session border control (SBC).” (Thank you IDC.)
That doesn’t mean we’re the only option. People sometimes need to use third-party endpoints and applications to connect to Cisco meetings. We’ve enabled Lync users to participate in Cisco conferences with high-quality voice and video for years. Now we’ve enhanced that experience by enabling them to also fully share and view content. Continue reading “Cisco Delivers Improved Lync Interoperability”
It’s hard to believe 2 years have already passed since I first experienced WorldSkills in Leipzig, Germany. The intensity and energy of the week were unforgettable, so I’m excited to be back this year, in Sao Paulo, Brazil, to experience it again.
I always feel inspired meeting young people who take their skills to the next level. WorldSkills is one of the best events to do just that – this vigorous 4-day competition tests young people’s vocational skills, ranging from hairdressing to carpentry to robotics to IT network systems administration. More than 1000 competitors travel from 50+ countries around the world with the hopes to take home a medal at the end of the week.
Cisco is a strong supporter of World Skills and the opportunity it provides for young people to showcase their talent. Specifically we sponsor Skill #39, IT Network Systems Administration. This year we will meet top talent from 36 countries who will compete in Skill #39 – the largest number in this skill ever. And, approximately 90% of them are enrolled in Cisco Networking Academy courses.
Jean-Philippe Desbiens represented Canada in Skill #39 at WorldSkills 2013. He was later hired by Cisco in Montreal.
Cloud sprawl is a BIG challenge. Large companies use 730 individual cloud services – a number which has grown a staggering 21% in just six months. If you don’t know by now what your organization is using, you need to!
In just three minutes, you can learn how Cloud Consumption Services can help you discover and monitor your cloud service usage, identify cloud usage anomalies, and understand the risks of cloud.
Take a look and learn more about how Cloud Consumption can help you manage cloud sprawl!
Questions about the demo? Let me know on Twitter or LinkedIn.
Is Lowest Price/Technically Acceptable (LPTA) an impediment to Secure IT solutions?
While many hypothesize that meeting LPTA mandates and also acquiring security “built in” is as rare as the mythological unicorn, I suggest that a reasoned path to both exists.
That path requires a walk through “Value Chain” security. In the public sector, where technology supports government operations at the federal, state and local level, it is vital for government procurers of technology to:
Embrace the breadth of the IT Value Chain;
Understand the key threats to the IT Value Chain and the exposures to which those threats correlate; and
Ensure they procure from trusted vendors who have a comprehensive approach to security across their end to end Value Chain.
#CiscoChampion Radio is a podcast series by Cisco Champions as technologists. Today we’re talking about the Cisco Midyear Security Report with Cisco Marketing Manager Kevin Parra.
Get the Podcast Listen to this episode Download this episode (right-click on the episode’s download button) View this episode in iTunes
Highlights
What is the Midyear Security Report and how is it different from the Annual Security Report?
How the report is put together and who contributes
What are combination attacks and how do they hang together?
Real life examples of what makes a formidable attack
Flash and malware
What InfoSec teams can do to improve their security
Cisco Champions Program Learn about the Cisco Champions Program See a list of all #CiscoChampion Radio podcasts Email us about the next round of Cisco Champions nominations
Last week I wrote about how much we enjoyed talking with everyone who came to see us at Cisco Live as well as InfoComm, a conference with thousands of products from hundreds of exhibitors and more than 39,2015 attendees. It was great to learn how our video solutions are adding value to your businesses. We’re very honored that rAVe awarded us Best of InfoComm awards in two categories.
Best New Videoconferencing Product: Cisco SX80 Codec
The SX80 codec is a powerful audio and video platform that enables integrators to incorporate high-definition video collaboration applications into large and purpose-built meeting rooms. In addition to its technical capabilities, the SX80 is also a standout on aesthetic merits having received the Red Dot design award last year.
The #ILookLikeAnEngineer hashtag is the diversity sensation that’s sweeping the nations!
The hashtag started as a way to break down stereotypes as to what an engineer might look like. It’s not just nerdy guys. It’s women, minorities; heck, ANYONE can be an engineer or interested in technology.
We gathered all of the #ILookLikeAnEngineer posts from our wonderfully diverse group of Cisco engineers and put them in a Storify. Because we’re proud of being a family that is inclusive of all. We wanted to highlight our engineers, and inspire others to join our technology revolution!
If you haven’t already, share your #ILookLikeAnEngineer posts on Twitter/Instagram!
(This blog has been developed in association with Praveen Jain, VP, Engineering of Cisco’s Application Policy Infrastructure Controller, Juan Lage, Principal Engineer and others)
Security is top of mind in today’s data center and cloud deployments and security architectures have continued to evolve even as new threats manifest themselves in the digital world. Today’s security administrator requires a variety of “tools” to deal with the sophisticated attacks. One such tool is the ability to segment the network.
Traditionally network administrators have allocated subnets for different applications and mapped them to VLANs as a means of providing network segmentation, partitioning and isolating domains. This classic approach was relatively easy to implement and facilitated policy definition using Access Control Lists (ACLs) between subnets at the L3 boundary, usually the first hop router or perhaps a physical firewall.
However, this approach led to the undesired mapping of IP subnets to applications. Over time, it also led to an explosion of ACLs when subnet based policies were not sufficient (for instance, by requiring ACLs that match on specific IP Addresses). This in turn made it difficult to perform garbage collection of ACL entries when applications were decommissioned, complicating the ACL management problem.
So, while the broad constructs of segmentation are still relevant, today’s application and security requirements mandate increasingly granular methods that are more secure and operationally simpler.
This has led to the evolution of what we call as “micro-segmentation”. Broadly, the goals of micro-segmentation are as follows
Programmatically define segments on an increasingly granular basis allowing greater flexibility (e.g. to limit lateral movement of a threat or to quarantine a compromised endpoint in a broader system)
Leverage programmability to automate segment and policy managent across the entire application lifecycle (instantiation through de-commissioning)
Enhance security and scale by enabling a Zero-Trust approach for heterogeneous workloads
Micro-segmentation with Cisco’s Application Centric Infrastructure
Cisco’s Application Centric Infrastructure (ACI) takes a very elegant approach to micro-segmentation with policy definition separating segments from the broadcast domain. It uses a new application-aware construct called End-Point Group (or EPG) that allows application designers to define the group of endpoints that belong to the EPG regardless of their IP address or the subnet they belong to. Further, the endpoint can be a physical server, a virtual machine, a Linux container or even legacy mainframes – i.e. the type of endpoint is normalized and therefore irrelevant, thereby offering great simplicity and flexibility in their treatment.
ACI still preserves the traditional segment, now called a Bridge Domain (or BD). IP subnets can still be assigned to Bridge Domains. This approach helps preserve any existing operational models, if required, allowing for creation of Bridge Domains with a single EPG that maps to the concept of a traditional VLAN.
The ACI architecture takes these even further. Multiple EPGs can belong to the same Bridge Domain, and EPGs can be provisioned programmatically (in fact, just like everything else within ACI) via an open API made available through Cisco’s Application Policy Infrastructure Controller (APIC). Simply put, the EPGs in the ACI architecture are “micro-segments” of a Bridge Domain.
#CiscoChampion Radio is a podcast series by 
