My greatest pet peeve when I managed a branch: sticky notes. I thought they made our office/workstation cluttered and disorganized. It never failed that I’d see them on the corners of a tellers’ monitor or scattered around a bankers’ desk. As much as I disliked them I was always reminded about how they served as one of the few ways to assist the banker.
Sticky notes reminds tellers of an action item or something to discuss with a customer when they saw them again. Often times those reminders consisted of calling another office to schedule an appointment for a subject matter expert to come to our office to meet our client.
For a couple of weeks in June the threat landscape was changed. Several high profile threats fell off the landscape, causing a shake-up that hadn’t been seen before. For a period of three weeks the internet was safer, if only for a short time. Still to date the Angler exploit kit has not returned and the threat landscape appears to be forever changed. This post will discuss a series of connections tying back to a banking trojan called lurk and a registrant account with ties that were far reaching across the crimeware landscape.
If you’re interested in cybersecurity (and really, who isn’t these days?), you have a lot to look forward to at Cisco Live US. Digital Business Transformation will be in the spotlight this year and our world-class experts will be sharing how security acts as a fundamental enabler of that transformation.
We’re offering more than 200 security-focused technical sessions, an Innovation Talk, hands-on demos and a whole lot more. Here’s a collection of highlights:
Opening Keynote: Accelerating Digital Transformation
Monday, July 11 at 10:30AM
While not specific to security, the opening keynote is never one to miss. Chuck Robbins will outline how winning in digital requires a fundamental expansion of the role of IT and the network, and how Cisco’s vision and strategy will help you lead your organization forward.
Innovation Talk: Security in a Digital World
Tuesday, Jul 12, 9:00 a.m. | Bayside A, Level 1
This talk will address the evolving role of security in digital environments. Leaders in Cisco’s security engineering, product management and services organizations will discuss new ways to secure your business in a digital world, including key architectural approaches that you can take to protect your business both today and enable it for growth and innovation moving forward.
Wednesday, July 13, 11 a.m. | MGMCC Connections Theater, Grand Ballroom
During this session, Steve Martino from Cisco’s Security & Trust Organization will discuss the security challenges created by the Digital Economy and how Cisco is protecting itself. He will also share best practices for how organizations should build out their own strategy for securing their organizations.
Security in the World of Solutions
Visit the Cisco Campus in the World of Solutions where you can see security solutions in action. Get hands-on with demos in the Security Zone and visit the Campus Theater for sessions on topics such as Advanced Malware Protection and cloud security. Plus meet with over 15 of our security partners in the Partner Village.
Security Passport Program
Each day we will be giving away a special prize for attendees who visit five participating security activities in the World of Solutions. Just pick up your passport at any of the locations, collects stamps at each, and return your completed passport to the Security Zone. Here are the activities:
Test Your Security Awareness and Tour the Network Emergency Response Vehicle (booth 3423)
Security Partner Village
Lancope, now part of Cisco (booth 1937)
OpenDNS, now part of Cisco (booth 2157)
Cisco Security Customer Connection Program (in Security Zone, Cisco campus)
Threat Wall
Making an appearance again this year will be the Threat Wall. The wall demonstrates “Cisco Firepower Threat Management at Work” and presents a live, anonymized analysis of the Cisco Live conference network.
Technical Sessions
As I mentioned earlier, there are over 200 security-focused technical sessions at Cisco Live. Browse the full list here or see some highlights below. Register now before they fill up.
Learn how enterprises worldwide are adopting containers and microservices to transform business services and what your IT organizations needs to do to prepare for this change.
Future of IT panel at Cisco Live, Las Vegas
I am super excited to be moderating a marquee panel of industry thought leaders and operators on July 13th Wednesday 8am at South Seas J, Level 3. We will be talking about the future of IT and how containers, microservices and devops will disrupt enterprise IT. Without further ado, here is our list of panelists.
Future of IT Panel
This session will help IT architects as well as senior managers who are interested in learning about how to navigate through this journey and learn best practices from the early adopters and the innovators in this space.
You don’t want to miss this event. Space is limited, so register now before the session is full:
I believe that technologies like containers and microservices application architecture will fundamentally change how applications are developed in the next 5-10 years. It will be a slow process, and we don’t expect it to be overnight. Server virtualization affect only a few few administrators, but these technologies need to adopted across the developer base as well as operations, which is orders of magnitude larger. As a result, the inertia of change will be slower. Having said that, enterprise IT supporting these new age applications, will end up looking a lot different at the end of it.
We will explore the following topics on the panel:
What are the top use cases for enterprises that are adopting containers and microservices for today and in the next 12-24 months?
Assuming your enterprise is going to start this journey, what is the recommended approach – convert an existing monolithic application completely to microservices architecture or do a mixed-mode application (container/web/bare metal) or only focus on new cloud native applications? What are the pitfalls or best practices in each of these approaches?
Which of the container stack will you choose to do scheduling and orchestration? What are the pros and cons between Docker, Kubernetes, Apache Mesos or Nomad? Do we have too many to choose from?
What are the risks of using open source projects and how does enterprise protect against potential downsides or support issues?
What are key challenges in adopting containers and microservices? Do we have enough security or monitoring tools available for enterprise IT?
Does enterprise IT need retrain or hire new engineers with expertise in containers and microservices?
What is role of ops in this new model? How are enterprises evolving to DevOps model? How does the organization need to be structured to make this a smooth transition?
Contiv at Cisco Live, Las Vegas
I will also be providing a deeper dive into our open source project called Contiv that includes network and storage modules at Cisco Live next week in Las Vegas. I will be joined by Vipin Jain, distinguished engineer and founder of Contiv project for all your questions. Check out the following sessions:
Hands-on container networking 101 workshop – DEVNET-2033 on Wednesday July 13th and Thursday July 14th at 1:00pm.
We also have a dedicated booth for container solutions at the World of Solution Data Center, Cloud and SDN area. In addition, we have demos featuring Contiv open source integrations with Docker, Kubernetes, Apache Mesos, Nomad, CoreOS and OpenShift.
For information about the open source project Contiv, check out our newly updated portal at contiv.io
We heard you! Customers have long complained that they can’t easily find what they need within a book. With the latest release we are pleased to announce that the new “Search within a Book” feature is now available on all Product Documentation Books and Chapters on Cisco.com.
The new Search feature enhances the usability of the book by bringing a much-requested capability for a quick way to find a term or entry within the book without the need to download the PDF.
New Feature:
“Search within the Book” gives the user the ability to search all chapters in the book, in the HTML format, regardless of where you are currently positioned in the book
A pop-up lists the chapters with matches to the query
The ‘Matches’ arrows allow for movement to the previous and next matches in the book
The next releases will include a large-screen version of the book template to take advantage of bigger screen sizes and show more content. “Search the book” in mobile devices is planned as well. And several known formatting issues will be resolved in August and later releases.
Have suggestions to make it better? Let us know either by providing feedback directly on any document, or by commenting on this article.
Cloud computing has rapidly matured in the market. Many businesses have adopted private and public cloud strategies and have deployed on to cloud infrastructure users of cloud computing, especially when demand comes from lines of business rather than IT departments who already have strong security and privacy policies. The desire to innovate rapidly and the adaption of cloud native software development methodologies that are paramount to accomplishing business success have come with a price of less security rigor. This is a tradeoff that is not necessary.
Cisco Domain TenSM is our reference framework that provides a structured, vendor-agnostic approach to strategize and execute IT transformation to align to organizational needs and drive outcomes. Coupled with an end- to-end view of key elements such as security for your data center, cloud and beyond, Domain Ten offers a prescribed methodology for mapping and understanding your information technology capabilities—and most importantly, what needs to be addressed based on industry best practices.
There are 3 areas that must be addressed by cloud computing platforms to minimize security and compliance risk.
Privacy and Data Sovereignty
Privacy and the ability of an individual or group to ensure that personal or confidential data about them is kept confidential (Domains 4, 5, 6, 8, 9, 10) is the top a. Data sovereignty is the concept that information which has been converted and stored in binary digital form is subject to the laws of the country in which it is located. The information around a person or groups is meant to remain with private to them.
The laws and requirement for this vary from country to country, but many countries have very specific and constraining laws for data sovereignty that can have substantial impact on logical and physical cloud and storage architectures. It is critical that companies create a data privacy and sovereignty governance framework. This must meet the requirements that consumer data does not leave the country of origin, personnel outside that country (provider) do not have access to any aspect of the data, and all operations (provider) must be performed by in-country residence staff.
Cloud Platform Security
The cloud platform itself must be secure from an access, operations, and application standpoint (Domains 1, 2, 4, 7). Access via the portal as well as APIs must be secured with API Firewalls, Web Application Firewalls, and Advanced Persistent Threat solutions. Operationally, SSAE16 and CSA CCM are good guidelines, but I prefer PCI which requires basic controls like firewalls, intrusion detection, and separate logical networks for control, management, network, storage, and application security and governance. From the application standpoint, identity management and security policies are critical to ensure that only authenticated users can access the data to which they have access rights.
A few words about compliance in cloud – compliance is always the responsibility of the owner of the application, process, and data. The cloud provider has the responsibility to provide to their users the security controls and enable companies to comply with the regulatory and industrial best practices, but they are careful to state they do not ensure compliance. This is the interpretation of your auditor and can vary widely. It is critically important to consider compliance through two filters: first, the cloud provider’s internal compliance that they will share with you and allow you to audit; and the controls will enable you to build compliant solutions (ie., firewalls, IDS, and encryption capabilities). This second lens is important when auditors require mitigating controls.
Cloud Orchestration and Automation
Cloud orchestration and automation systems provide all the capabilities necessary to deliver, operate, manage, and maintain a cloud (Domain 3). The most vulnerable aspects of most cloud solutions are the orchestration and automation systems because they are “behind the firewall” and trusted. These systems usually use a single system account with a simple password. This environment must be treated as an untrusted segment with rigorous security controls enabled. It is important to understand the capabilities of these systems and the security models employed. Consider the security of the platform as discussed above and apply the same security rigor to the automation and orchestration systems.
Please stop by @CiscoDevNet @CiscoLive and see our @CiscoCloud Security panel: Securing PaaS and SaaS: What are Cisco and our Partners Doing to Secure Your Hybrid Cloud? – Session DEVNET-1045 on Wednesday July 13th @ 11:00 – 11:45
In previous We’re Listening Blog posts, we’ve talked about the various ways we listen to our customers and partners. Rich sources of feedback (including surveys, but also focus groups, advisory boards and events) help give us a comprehensive picture of where our customers would like to see improvement in their end-to-end experience with Cisco. Our Cisco Live! events are one of these sources of feedback.
As we gear up for the next Cisco Live! in Las Vegas July 10-14, I invited Lauren Wright from Cisco Marketing to share how her team has been thinking outside the box for interesting and fun ways to gather customer input. Lauren is a Marketing Manager in Digital Marketing for the Americas region.
By: Lauren Wright, Marketing Manager
I’m part of a small but mighty team comprised of individuals from different backgrounds and functions. We came together because of a shared passion – our customer’s experience with Cisco. This passion fueled us to find a creative way of reaching customers and gathering their feedback and insights. We asked ourselves, “How can we talk to a lot of customers all at once?” The answer? Cisco Live! Our main customer-focused conference would be the perfect place to engage with customers. What better way to get feedback than to go where our customers are already gathering. Continue reading “We’re Listening Blog Series: The Cisco Experience Lab at Cisco Live!”
No – it’s not the annual post 4th of July workweek “recovery period” – it’s Cisco Live US, the industry’s premier education and training event for IT, networking, and communications professionals.
As we gear up for a week of keynotes, certification testing, breakout sessions, and the (infamous) customer appreciation event with Maroon 5, let’s take a glance at the five K-12 and Higher Education demos we’ll be featuring at booth #109 inside the World of Solutions:
We’ll also have three booth presentations throughout the week:
Cisco’s Digital Education Solutions and services can help you simplify and secure your campus network while accelerating student success. Visit us at booth #109 next week for a deep-dive into any of these solutions and services.
Red Hat Summit 2016 in San Francisco is an ideal setting to experience the power of open source in enterprise, for customers, partners and community enthusiasts. For me personally, this year’s event was a great learning experience, both from the standpoint of quality face-to-face time with industry experts, and the opportunity to check out the coolest technology updates from hi-tech companies. Read the pre-event blog post for highlights and key Cisco activities.
Let me start with some trivia, where I give the answer as well. Where did the company Red Hat derive its name from? Turns out the founder, Marc Ewing, had an affinity for red hats and wore his grandfather’s red lacrosse cap during his college days at CMU. In fact, Marc used to name his projects Red Hat 1, Red Hat 2 and so on. When he started his Linux project, he named it Red Hat Linux for lack of a better term – so goes the history.
My key observations:
Containers is a huge bet for Red Hat. It now competes with many, including Docker, even on how to deliver them.
Security scanning for containers is going to be big in the enterprise and a number of companies will offer scanning tools to help reduce and eliminate potential threats.
Red Hat has added container workload analytics to provide greater visibility so that businesses can more safely adopt containers. Red Hat’s Hybrid Cloud Management Platform is a flexibility play and supports AWS, Microsoft Azure, and of late GCP. Red Hat CEO made a call for more open source participation for businesses. Not only to be consumers of open source technology, but also to participate by giving back to the community.
The call for cultural change was one that echoed through most of the conference. Both Red Hat and companies such as Cisco, all called for businesses to change their culture in order to keep up with the pace of innovation, and to make open source work.
Cisco’s Chief Technical Architect David Ward presented a keynote Open Source: the Forefront of Innovation and emphasized open source, open communities and collaborative development. His “shoes off” approach and message resonated with the audience and Twitter erupted with photos and quotes about the future of open source. Ward was also interviewed by The Cube and was featured live on Periscope.
In addition to the David Ward Keynote, Mike Cohen’s session featured how Openstack, Contiv and Cisco ACI work together, and Duane Decapite spoke to the convergence of Hadoop, Containers and Openstack.
Three days at Red Hat Summit, yet it felt like a short event. I cannot wait for Red Hat Summit 2017 when more exciting updates await us on the emerging technolony for data centers, IT professionals and developers.
