2016 - Page 136 of 221

May 23, 2016 3 Comments

Network Security is Not Child’s Play

Do you remember the childhood game Gossip? Maybe you played it. A secret message is whispered from one person to the next until it reaches the last person who says out loud what they believed they heard. Whether by an honest misunderstanding or intentional sabotage, often the end message is nothing like the original. Now, imagine this scenario playing out within your company’s network infrastructure and expanded ecosystem. How would it play out? In a word, it would be unacceptable.

Are You Exposed to Gossip Gaps?

In life and in business no one likes a gossip. A gossip can’t be trusted to keep information confidential nor can the information a gossip puts out be considered error-proof. To be a trusted and reliable leader in your industry the partners and vendors you work with want to know your network can keep information secure.

Below are questions I recommend you ask yourself about your company’s network. Your answers will help you determine if you are exposed to gaps that could put your company’s and customers’ information at risk. Take a moment to answer the following questions:

Is the use of automation maximized?
Are workflows seamless from end-to-end?
Are you consistently compliant with organizational and regulatory standards?
Do you have a complete view of your entire network ecosystem?
Are your devices updated to the latest operating system?
Does communication flow freely, yet securely, throughout your ecosystem?

If you answered no to any of the questions, your network is at risk and you should take immediate steps to protect it.

How to Close the Gaps to Secure Your Network

The ability to automate processes that eliminate multiple toolsets, prevent redundancy, and reduce human errors and the time required for change is paramount for securing your network. Automation leads to operational efficiencies and those efficiencies lead to faster compliance. In short, compliance equals security.

Recently, we deployed Cisco Compliance Management and Configuration Platform (CMCP)¹ to help a large financial institution audit and update 54,000 devices with IOS upgrades to corporate standards. Because our solution automated the process, device upgrades were completed in 65 12-hour change windows with the average number of violations remediated per window of 272.

Because we used CMCP, the customer avoided 2,531 additional change windows than if the standard, non-automated approach was used. Another way to look at it is CMCP saved the customer 30,372 hours in manual hours by mitigating risks, achieving and enforcing compliance, and maintaining business continuity.

So, now let’s look at security from a multiparty lens. Multi-sourcing can create complexities that compromise business security. As a result, many companies come to us because they are plagued with the challenges of overlapping responsibilities, unclear ownership of issues and service provider performance, fragmented communication, and inefficient issue resolution making consistent service-level agreement (SLA) management impossible.

Cisco ServiceGrid closes security gaps with a connect-once-connect-all approach for multiparty environments. It provides a single view of all your support partners and customers enabling you to monitor SLAs against both the performance of individual suppliers and the end-to-end service that is provided to the customer. ServiceGrid automates processes, reduces costs, and eliminates errors found in multiparty environments, thus improving the quality of support and enhancing the security of your network.

It’s apparent, security requires specialized tools. CMCP and ServiceGrid are solutions that can handle the job both individually and collectively. Although, I did not approach it from a security angle at the time, in my August 2015 blog post, Automating Configuration in a Multi-sourced Environment, I shared a case study of a customer that was reaping the benefits of automating multi-vendor network configuration and compliance. I’d love to hear your feedback once you read the post so please, share where you believe the customer would reap the benefit from a more secure network. Let’s talk about it.

¹Formerly Compliance Management and Configuration Service and Compliance Management and Configuration Solution.

Register for Our Upcoming ServiceGrid Webinar

Title: “How to Leverage the Power of Service Integration to Enhance Customer Experience”

Date: June 9^th, 12 pm Eastern Time

Speakers:
Jim McDonnell, Director ServiceGrid, CMCP, and UCSF Alliance
Greg Hibbert, Business Development Manager, Dimension Data Europe

Tune in to learn how companies are addressing the following questions:

As organizations embrace disparate technologies, can they ensure the integrity of their service offerings? Can companies maintain a consistent level of quality, providing a seamless transition to their customers? By welcoming new providers, must a level of security be sacrificed?

Authors

Jim McDonnell

Director, General Manager

ServiceGrid, CMCP, UCSF Alliance

Leave a Comment

Two days of fun, one RHme+ Challenge pwned!

Michal Brenner

By Oded Ashkenazi, Group Leader, STARE, Service Provider Video Software and Solutions, Cisco

Few would argue that data security has become one of the most pressing technology issues facing the world today. Nonetheless, despite the seriousness of our business, our STARE (Security Threat Analysis and Reverse Engineering Center) team in the Cisco Service Provider Video Software and Solutions group does enjoy having a bit of fun now and again.

So when, back in November last year, one of our team members noticed a tweet mentioning the Riscure Rhme+ challenge, we were naturally intrigued. It was time to start digging for more information.

Riscure is a global security test lab and market leader in side channel and fault injection test equipment. Through their RHme+ challenge they were tasking engineers to hack an Arduino board and extract the flags that were inside. In other words, a Capture the Flag (CTF) challenge. Given that this was a “black-box” challenge, there was no source code nor any inside information.

Now contrary to popular belief, our STARE team was not named as such because we like to spend all day gawking at black boxes. But we do, indeed, handle black box evaluations for a variety of embedded devices and systems. A challenge such as this provided a fun way for us to keep our skills sharp. As the saying goes “Use it or lose it.” And so we decided to go for it.

I contacted the folks at Riscure, and they immediately agreed to send us two challenge boards to our office. This challenge was unique in the way it combined both hardware and software attacks. To attempt it, we organized a two-day “hackathon” during which we were all solely focused on this challenge. By the end of the first day, we had found the flag using just software-based attack methods. Since we had some time to spare, we decided to split in two groups.

The first group, concentrating on hardware attacks, successfully extracted the flag using an electro-magnetic glitch at just the right time. The second group, focused on improving the software exploit we had created the previous day, successfully extracted the EEPROM from the device. While it turned out to be mostly empty, it required us to create a sophisticated return-oriented programming (ROP) chain exploit, which was great fun.

On January 18th, 2016, Riscure announced the winners of the RHme+ challenge.

“From a total of 140 boards that were distributed during Blackhat Amsterdam, at universities in the Netherlands and [to] several teams that personally requested a board, we received two submissions that were successful in getting the flag.”

Our Cisco STARE team was one of the two winners, specifically called out for our technically-sophisticated solution.

This challenge is now open-source and anyone interested can have a go at resolving it.

Learn more about Cisco Video Security Solutions.

And if you have another product or challenge that you wish us to have a go at resolving… well you know we are always up for a bit of fun.

Authors

Michal Brenner

Marketing Manager

Service Provider Video Marketing

Leave a Comment

Going Dutch: Cisco Aids Netherlands School in Expanding Bandwidth

Byron Magrane

For such a basic idea, BYOD can turn into a complex issue. Network administrators at ROC Friese Poort, a school of 13,000 students in the Netherlands, were concerned that their wireless network’s capacity and performance wasn’t robust enough to handle the influx of devices on campus. Combating the inadequacies of their network was beginning to take a major toll on the IT team’s time.

Since it wasn’t reliable, fewer and fewer students and faculty were using the wireless network. The ROC Friese Poort IT department needed a solution fast.

ROC Friese Poort looked to Cisco for an answer to pump up their bandwidth and get their students and faculty back on the wireless network. Utilizing Cisco hardware such as: the Aironet 2700 Series Access Points, Catalyst 3650 Series Switches and the 5700 Series Wireless LAN Controllers allowed the school to create an entirely new Cisco 802.11ac Wave 1 network that revolutionized the school’s wireless network.

“There were times when staff couldn’t do an attendance check because the Wi-Fi connection was bad,” said Gerrit Haakma, Head of ICT, ROC Friese Poort. “Now, completing these routine tasks in the classroom with their iPad is simple and quick.”

As a result student and staff Wi-Fi use has increased significantly and thanks to the Cisco management (Cisco Prime Infrastructure) and services products (Cisco Smart Net Total Care services), fault reporting has dropped dramatically. This wider bandwidth also has the school looking into future to develop new ways of learning.

To learn more about this case study, click here.

Authors

Byron Magrane

Product Manager, Marketing

3 Comments

Scan. Analyze. Secure!

Efrat Noy

Let me begin with some nostalgia.

Allow me to transport you back to the 1990s… when fashion got rid of shoulder pads, a new rock sound was coming out of Seattle, South Park and The Simpsons brought crude humor to the masses, and the Internet became more available.

Access became faster and cheaper, and email was at the center of our work and personal lives. It was a new and refreshing form of communication— quick and handy, and always at your fingertips.

But with that liberty came a threat – the threat of viruses in attachments.

Information was stored locally on your PC, and was the target of many hackers wanting access to your personal or work information.

Fast forward a decade, when the promise of cloud-based applications emerged. Yahoo, Microsoft, Google and their likes introduced applications that basically brought your PC to the cloud. “No Software”, Salesforce.com claimed (and still do), pioneering the concept of Software-as-a-Service.

That promise of cloud, for compute and storage, is here now. And with broadband, mobility and Internet access becoming ubiquitous and affordable, content and information began migrating from the PC into the cloud. More and more sensitive information is now flowing on networks and is stored in data centers in virtual locations.

So, why am I telling you this? Because hackers now have a different target — your network! Information is everywhere, and the network is at the heart of it; it’s up to you to secure it!

The Global State of Information Security 2016, published recently by PWC*, showed 3 things:

CIOs and CEOs are seeing an increased security threat across all markets and segments.
The average financial loss due to security incidents in 2015 was $2.5M!
To cope with this risk and financial liability, security budgets have increased by 24% in 2015.

Security incidents not only result in information theft and network compromise, but most importantly – downtime and disruption of services.

So, what can you do? Did you know that your existing Cisco infrastructure already has the ability to secure your network? And with a few simple configuration changes you can minimize the risk of a security incident?

Cisco has developed a set of Enterprise Security Baseline recommendations for LAN and Wireless LAN, that is based on leading practices and guidance compiled from customers’ feedback, TAC and escalation cases and in-depth knowledge of the technologies.

What’s more, Cisco has developed a free service to compare your existing network against the Enterprise Security Baseline. This service, Cisco Active Advisor, is simple to use and easy to understand.

With an easy-to-use network discovery via the built-in browser-based scanner, Cisco Active Advisor analyzes your network’s security settings and makes actionable recommendations based on the Baseline Best Practices recommendations.

It checks for baseline security settings in:

Device Management
Authentication Control
Device Audit
LAN Access Layer Security
Baseline Security for Layer-3 LAN and Routed WAN
Baseline Security for Campus Wireless LAN Controllers

In just a few clicks with minimal processing time, you can leverage Cisco’s expertise and experience to ensure your network is secure with the very basic needs – before increasing your security expenses.

Cisco Active Advisor saves you time and money, and allows you to utilize your resources better.

In fact, many customers have reported a >15% increase in efficiency (a saving of multiple man-days or even weeks per quarter) when using Cisco Active Advisor!

Additionally, Cisco Active Advisor measures Switching and Wireless Best Practices as defined in Cisco Enterprise Campus Infrastructure Best Practices Guide and Cisco Wireless LAN Controller Best Practices.

You can access your account on Cisco Active Advisor any time using your cisco.com credentials.

Securing your network couldn’t be easier, and it’s free!

So, before investing a large sum in security products, run Security Best Practices Assessment on Cisco Active Advisor.

And please let us know – have we found ways to make your network more secure, with Cisco’s Baseline Security Best Practices? And how much time did Cisco Active Advisor save you in analyzing these? What did you do with all that time and resources? Please tell us in the Comments below or tweet us @CiscoEnterprise, we’d love to know!

Oh, and in case you are still reminiscing about the 1990s, Cisco Active Advisor does not support Netscape Navigator v3 and is fully Y2K compliant.

*http://www.pwc.com/gx/en/issues/cyber-security/information-security-survey/key-findings.html

Authors

Efrat Noy

Product Manager

Leave a Comment

Unleash the power of partners – your channel to new cloud revenue

Ben Bekele

Many service providers have yet to tap into the full business potential of IT-as-a-service. If they’re willing to invest the time developing the relationship with their channel partners, the returns could be considerable.

The dramatic growth of cloud services isn’t a new concept to service providers (SP). Recent research from AMI-Partners[1] forecasts global revenues of $351 billion for cloud products and services by 2019. That is more than double the 2013 figure of $140 billion!

What is not as widely known, however, is the opportunity this presents for SPs to generate new revenue by offering IT-as-a-service (ITaaS) to businesses of all sizes. This is now simple and affordable for SPs to offer customers, thanks to its cloud architecture based on:

software-defined networking (SDN)
network functions virtualization (NFV)
open application program interfaces (API)
zero-touch provisioning

The trick is to tap into the broad market of customers through channel partners.

The ITaaS demand

Plug in a phone or router. Go to a cloud portal. Order everything your business needs – apps, virtual private network or communications – from the cloud, on demand. It is this simplicity that customers love. So rather than handling IT themselves, more and more businesses are opting for the service-based alternative. It is highly efficient and cost-effective. What is more, there is an ever greater acceptance that the model can apply equally well to both single-office and multi-branch businesses.

AMI-Partners’ research, which took in 350 enterprises across 11 countries, shows that businesses are picky about the vendors they turn to for cloud services. Most don’t have relationships with SPs. Instead, they look to trusted advisors like value-added resellers (VAR), system integrators, managed services providers, and data center hosting companies.

A broad channel presence is a must

So what is the takeaway from all of this? SPs that want to be successful selling ITaaS to a broad business market must develop strong channel partnerships. Before the cloud, you would have had to integrate your network service into those of your channel partners. But now, a software-defined infrastructure and open APIs make it much easier for you to deliver these services to end customers through the channel.

With the newest cloud solutions, you can focus on building your own brand by directing your sales and marketing efforts to channel partners. You can promote the superior quality of service and user experience you provide versus the best effort service of over-the-top providers.

The channel opportunity in numbers

The AMI-Partners study also included data from interviews with 25 SPs. Some 84 per cent said they are ready to share their APIs with third party channel vendors to collaborate on offering cloud service bundles.

The research pulled data going back to 2014 and found that SPs were only capturing 17 per cent of the ICT cloud services market that year. The majority of revenue was going to other vendors, from companies like Amazon Web Services to resellers, hosters, and system integrators. For SPs that don’t pursue channel partnerships, market share is forecast to decline to 15 percent by 2019.

Source: AMI-Partners study, March 2015.

Now for the good news. The research also forecasts that SPs can increase their percentage of overall cloud revenues to 46 per cent by 2019. They can do this by partnering with different channel vendors. The study predicts this partnering formula will result in a 15 per cent uplift to the global cloud services market, increasing overall revenues to $351 billion.

Find out more

The ITaaS for business opportunity is huge. For more information on how Cisco can help you capture your share of this market, visit MOI Forecast or ITaaS global summary.

[1] Cloud VPN & The Role of the Service Provider in Disrupting the VPN Market, 2015

Authors

Ben Bekele

Director Prouduct Management

2 Comments

Industry Recognition for Cisco Hybrid Cloud Solutions

Joann Starke

It is nearly impossible to miss the business transformation taking place in every organization. As consumers, our smart devices have trained us to expect delivery of information or services at near instant speed. But when we move from our consumer to business roles, we find service delivery anything BUT instant.

Cisco has two solutions that deliver on demand consumption of IT and business services into hybrid environments. Both of these solutions have been noticed by customers and have become established in the marketplace. But it is especially pleasing when recognition comes from industry peers.

Continue reading “Industry Recognition for Cisco Hybrid Cloud Solutions”

Authors

Joann Starke

No Longer with Cisco

6 Comments

It’s back to school

Adrian den Hartog

My youngest daughter, a very energetic happy-go-easy fourth grader, was looking over my shoulder as I was working on this blog.

“Dad, why talk about going back to school before the summer break even starts?”

Good point, considering her world. A world that is so simple compared to that of grown-ups.

I showed her the cover of the latest Cloud edition of Unleashing IT, featuring a school of fish. I then gave her some additional context.

Satisfied with my explanation, she went about her own business, doing whatever she wanted or had to do, without a care in the world.

I paused to think back about what the world was like when I was her age: no Internet, no NetFlix (or cable TV for that matter), Twitter, etc. All this ‘stuff’ that my kids take for granted. The contrast is so stark it is hard to imagine what the world will be like when she is my age, especially given todays’ accelerated pace of innovation.

And that accelerated pace of innovation is exactly what the latest installment of this cloud-focused edition of Unleashing IT is all about: how companies much like yours are using cloud technologies to redefine business models, operate more efficiently and innovate so they can stay competitive and relevant.

Essentially, these companies are navigating new waters and learning to swim: imperatives for continued success in the age of digital transformation.

So download your copy now or peruse the articles online.

My hope is that you find your ‘aha’ moment – that nugget of information that makes you go ‘wow, this we can use’. Then reach out so we can make it happen.

In the corporate world we live in, there is no school age type summer break that the future generation business leaders enjoy today. So when it’s time for them to lead the school through previously uncharted waters, let’s make sure that the business is in good shape, leveraging technology that enables unique and valuable experiences, services and products.

Authors

Adrian den Hartog

Senior Marketing Manager

Field Marketing US Commercial

Leave a Comment

Software products or application platforms, do I have to choose?

James Jamison

This is the final post in a series that has been focused on providing different ways to think about the job of a modern day software technology architect. The series began with the idea of defining an architecture that blends physical and digital worlds, taking more of an omni-channel approach. The next post expanded on this idea by discussing the era of the Platform Economy and the platform ecosystem. It is here that the idea of three architectural patterns (orchestration, interaction and acquisition) was introduced. Some resources were provided that highlight some starting points into understanding more about platform architecture thinking. One of the more interesting elements presented was a comment by Marshall Van Alstyne (research professor MIT) during a MIT panel discussion, “products have features and platforms have communities.” A second provocative comment in this panel discussion worth exploring is the perspective that, platforms beat products every time. For me this led to a question, “is that true and if not, how do I choose and do I have to choose?” In general, I do believe platforms beat products, and that platforms will begin to have a larger footprint in most company’s architecture landscape…in the right context, for the right purpose to achieve flexible, yet targeted outcomes.

This concept hinges on the distinction between what constitutes a product versus what constitutes a platform.

To put a boundary around our scope, we will limit this post to application software products and application software platforms.

An application software product is a packaged piece of software, compromised of one or more components. This covers a variety of deployment options that could be available, including on premise, in the cloud or as-a-service. Its appeal is that an application software product is designed and deployed to perform a specific function, such as predictive analytics, marketing automation, e-commerce, and product lifecycle management. In general application software products are “proprietary” and controlled by individual companies.

Application software platforms on the other hand is considered a collection of software services that can be combined in multiple ways to produce varying functional capabilities. Platforms also have a number of deployment options including on premise, in the cloud or as-a-service. In general, application software platforms are concerned with open architectures that allow technologists to design, deploy and run individual components that are coordinated together versus an entire package of software which only provides APIs to access pre-defined capabilities. Examples of these type of platforms include the Distributed Services Architecture, The Apache Software Foundation and Deeplearning4J.

Armed with these definitions, it is very easy to get over zealous and think that this lays the ground work for an “either/or” debate, similar to a make versus buy discussion. An either/or approach to software is dangerous and incorrect thinking. Most business environments require both, at least for the foreseeable future. Thus, the key is to know why to choose which technology based on the desired outcomes and culture of the organization.

When selecting software, there are numerous decisions that need to be made and I believe there are truly four key selection criteria that provide the greatest guidance:

Skills – Skill availability and culture of the organization
Options – Satisfying a specific need or seeking flexible options
Adoption – Requiring immediate scale or staggered adoption
Time – Pressure for time to value or time to innovate.

Skills

Potentially the most important selection criteria is to understand the mix of skills that exist and can be acquired at a cost the organization is willing to invest. The benefit of traditional application software programs is that there is a broad availability of skills, training programs and experience to mitigate the risk of selecting the right technology. The benefit of application platforms is the ability to adapt more readily to technology changes and avoid locking into a single vendor for extended periods of time that become painful to change. In the end, the real decision is what culture does the organization have and what investment is the organization willing to make for the desired end state?

Options

Determine if you are solving a distinct business problem versus solving a broader enterprise problem. If the vision is to invest in technology to support a specific business function or business need, then an application software product is likely an appropriate approach. However, if the need is to provide flexibility for the future across an entire enterprise that could impact multiple domains and departments, then the capabilities of a software platform is the more appropriate approach.

Adoption

Many enterprises are focused on scale that has been tested, which is different than being able to scale. If an organization needs verified customer references of how the software is able to handle volume, reliability and security with strong post-sales support then it’s likely an application product is appropriate. If on the other hand, there is the ability to scale through adoption roadmaps, where growing pains and learning can be tolerated to get to a more desired state, then software platforms are the right choice.

Time

While skills may be the most important decision criteria, time will most likely determine the final decision. In the case where the organization has the experience and the skill and has well defined requirements, with the pressure of getting to value in the quickest fashion for a specific purpose, application products are the way to go. In general those packages that have more “out-of-the-box” capability with minimal configuration and tuning, will be the fastest way to get to value. When innovation is more the driver and there is time to allow for trial and error, platforms are by far the superior choice. They provide the ability to tailor and create in ways that are more difficult to do with a prepackaged piece of software.

In the end, the choices that need to be made come down to balancing need, desire and culture. If the requirements are well known, the purpose and target outcome are agreed upon, most organizations will be just fine selecting either software products or software platforms. With the rapid change of technology and the flexibility that more and more organizations are needing, I believe that software platforms are the direction most environments will take over the next five years.

To really begin appreciating the power of software platforms versus products, I recommend spending time gaining hands on experience with multiple platforms such as those mentioned earlier. After that experience, see if you agree or disagree with my position of the power and eventuality on platforms taking a greater percentage of enterprise mindshare and architecture footprint.

Authors

James Jamison

Director, Technical Marketing

Software Platforms Group

May 20, 2016 8 Comments

There’s Never Been A Better Time To Make Cities Smarter

Inbar Lasser-Raab

The Wall Street Journal recently stated that one of our greatest frustrations is traffic and our daily commute. I live in a large city and travel often to big cities for work, and I can personally relate to this. Sitting in traffic makes me impatient and annoyed. But did you know that digital transformation can actually ease congestion and empower citizens like me and you? While the business side of me is excited about the potential for digital business, the personal side of me is thrilled about spending less time in traffic.

Cities all over the world are becoming digital – bringing people together to dream, create, and innovate in new ways. Digitization is forcing cities and businesses to reimagine their business models – and there’s never been a better time to make cities smarter. Here are a few examples:

https://www.youtube.com/watch?v=YlKW9FobTFo

Hamburg’s digital innovation spreads from the port to the city. A digital-ready network and IT strategy extend Wi-Fi access, and interactive kiosks provide real-time information about city attractions and businesses. This makes it easy and intuitive to plan a day of shopping or sightseeing anywhere around town. Hamburg’s intelligent parking space control helps you find parking quickly and eases traffic congestion. Future digitization plans include a smart street lighting program that can not only save money, but make citizens safer by lighting up dark streets whenever people walk by.

The City of Mississauga in Canada’s digital-ready network helps Continue reading “There’s Never Been A Better Time To Make Cities Smarter”