Year: 2016

October 3, 2016 4 Comments
Avatar

Game over. Automation Scores Huge Upset against Operational Costs.

When significant real-world ROI results come in from the field, we’re excited to share them. Some recent proof points from our service provider customers are especially compelling. Why? Because they’re about one of your biggest challenges―reducing high operational costs.

Big Reductions in OpEx Confirmed

Before the first human flew through the stratosphere, a space ship was just a fictional concept. So it is with emerging technologies before they hit an inflection point and take off.

Case in point: the automation and orchestration of network services. For the past few years, Cisco has been promoting the benefits of these features as part of programmable networks. The benefits we’ve touted may once have sounded remote and other-worldly, like fiction. Faster time-to-market. Simpler operations that don’t require expensive sys admin time. And especially much lower operational expenditures (OpEx).

Now the results are in and they’re really impressive. The promises have become reality.

Cisco crunched the data on operational processes from one of our major service provider customers that has automated their environment. Specifically, they implemented the Cisco Network Services Orchestrator. Individual service lifecycle processes were analyzed―adding a new customer, resolving an incident, handling a change request, disconnecting a service.

The savings in time and motions came to 60-70%. Overall OpEx savings came to 50-70%. Over five years, that translated to a ROI of 383% and savings of $3 million to $16.7 million from year one through year five for this Tier 3-5 provider. For a Tier 1 operator, the estimated savings over five years could reach $66.7 million!

Significant results indeed.

Where the Greatest Savings Occurs

Aside from looking at the big picture, our study also isolated the cost savings from specific portions of workflows. The green boxes in the chart highlight where network services automation and orchestration had the greatest impacts.d6tiu

Source: Cisco Business Technology Architecture Group based on averages across mobile, cable, telco and data center service providers.

In the past, sys admins configuring half a dozen sites have had to do so manually. They had to check and recheck configurations. Yet a huge percentage of problems are due to incorrect configuration or moving back to an original configuration.

By contrast, automation and orchestration rely on the data model-driven programmatic configuration of all elements participating in a service—both physical and virtualized functions, traditional and software-defined networking (SDN) management interfaces, operation support systems (OSSs) and business support systems (BSSs)—in a single transaction. That configuration extends from service-level parameters through the automated configuration of every network device involved in the service.

Automated configuration validation, a major area of savings in our study, extends across service chains, all the way from the CPE to the virtual network functions (VNFs) in the data center. The orchestrator knows if it can move on to the ongoing assurance phase of the service lifecycle (or whether it needs to reconfigure or redeploy something that has failed) based on actual measurements of performance at the endpoint.

The providers participating in this study have automated the entire lifecycle of their services, including fulfillment, activation testing, and ongoing monitoring and assurance. They design, deliver, and assure services faster. They have a single, network-wide interface to all network devices and services, both physical and virtual, using a common modeling language and data store. Services are defined using the standardized YANG modeling language and mapped to device models. And everything is automated.

Goodbye to custom coding or service disruptions. Hello to operations in real-time without manual intervention for incredible ROI and OpEx savings.

Automation and orchestration features are part of the Cisco Open Network Architecture for service providers. The architecture represents an infrastructure transformation that leaves past approaches to software, hardware, services, architectures, and operations far behind. We’ll be talking about it and a lot more at SDN World Congress on October 10-14 in The Hague―check out my colleague Frederic Trate’s blog for details.

Authors

Avatar

Sanjeev Mervana

Vice President of Product Management

Emerging Technologies & Incubation

Leave a Comment
Avatar

Cisco Chat Recap: Digital Campus

Last week, we hosted a Twitter chat that discussed all things digital campus, including trends in higher education, how to make campuses safer and more productive, as well as some highly successful education customer stories. Industry experts Navneet Johal (Research Analyst of Education Technology for Ovum), Matthew Gibbs (Solutions Architect for U.S. Public Sector at Cisco) and Brian Donlan (Regional Vice President of Sales for Cisco Canada) were all on hand during the chat to answer questions.

Weren’t able to join our #CiscoChat last week? Read on for a full recap!

Authors

Avatar

Alexia Crossman

Senior Cross-Portfolio Messaging Manager

Cisco Marketing

10 Comments
Avatar

Simpler NGFW Management – Lets You Get Home in Time for Dinner

“Call me anything you want, but just don’t call me late for dinner.”

I wonder how many of us are familiar with this old quote.

Security management often burdens teams to put in extra cycles to get the most appropriate access and security policies in place. The process too often isn’t simple and – guess what? – our security admins often have to work later than they’d like just to stay on top of security – maybe missing dinner.

So perhaps this is why I am so enthused about our new management console for our low-to mid-range next-generation firewalls (NGFW).

Our new interface will not only give customers a really slick experience so that they can get the most effective security possible in place, but also they’ll be more productive than ever and maybe even get home for dinner on time.

I’m also thrilled since this is yet another example of how we’re keeping our promise to the market and our customers to deliver more effective security and make it simpler. If you joined us at Cisco Live in Las Vegas you were surrounded by this theme and examples of new Cisco products and services that make security more effective by keeping them simple, open, and automated.

Our new management console for low-to mid-range NGFW customers is designed for those who focus as much on network management as on security.

We call it Firepower Device Manager. It is a web-based console that makes it easier than ever for network admins to manage their NGFW. We’ve honed it through thousands of hours of user experience testing as well as lab and in production testing at major organizations. It’s the cleanest, simplest and most effective firewall manager Cisco has ever created – getting you connected AND protected in minutes.

Firepower Device Manager gets you connected and protected in minutes.

For a tour of the new experience, check out this 5-minute video overview.

https://youtu.be/vRUL_fR8KFo

I know our customers will love it. And it won’t take long with a setup wizard and workflows that walk you through getting the right access control and security in place fast.

  • 5 minutes to connection and protection: With a few simple clicks and some basic information, the initial setup wizard takes you through getting connected and protected in less than five minutes.
  • Simple user identification: User identification setup to protect employees is simple with a workflow that takes you step-by-step through configuring identify policies.
  • Easy access control: We bid adios to ugly IP mapping. With employees identified, simply click on users and groups to create user-based access control policies, instead of getting bogged down by traditional, time-consuming and complex IP mapping.
  • One stop for effective security: We keep it simple. Our access control screen lets you choose firewall constraints and policies, naturally, but also set policy for application visibility and control (AVC), URL filtering and even intrusion prevention (IPS) and Advanced Malware Protection (AMP). Quickly block what you don’t want going out and inspect what’s coming in. And if you want to customize any rules or configurations, that’s easy.
  • Bird’s eye view: A picture is worth a thousand words. That’s why we let you instantly see a visualization of the policies deployed and the traffic across your environment so you can know exactly what is going on.

Firepower Device Manager’s check-box environment makes NGFW connectivity and protection as fast and easy as deploying routers and switches. This lets you save time and energy that you can devote to other projects – or even life outside of work.

We hope you are excited too about the simpler, more effective security experience you’ll get with Firepower Device Manager.

Now for a last, all-important question: what’s for dinner?

We also think about simplifying security management for large, distributed enterprises. Check out how Cisco Defense Orchestrator lets network operations staff stay on top of managing security for dozens, hundreds or thousands of devices – all from a simple cloud-based portal. Easy and Effective.

Authors

Avatar

Jason Lamar

Senior Director

Security Product Management Group

1 Comment
Avatar

Vulnerability Spotlight: FreeImage Library XMP Image Handling Code Execution Vulnerability

FreeImage is widely used software integrated into over 100 products ranging from free to paid licensing and include multimedia software, games, developer tools, PDF generators and more.  FreeImage makes use of a common file format created by Adobe, Extensible Metadata Platform (XMP) that allows real-time managing of metadata.  Per Adobe, the XMP file format, allows users to “embed metadata into files themselves during the content creation process”, and FreeImage’s 3.17.0 integration of this file format into its software is vulnerable to an overflow in the “Colors Per Pixel” value of an XMP image.  Generally speaking, when FreeImage 3.17.0 opens an XMP file with a large enough Colors Per Pixel value, i.e. the number is too large, it is not handled properly by follow-on code in the function that uses it. You can liken it to taking a 99 oz. glass, turning on the faucet, and filling it up with 100+ ounces of water.  The water spills over and gets into areas you don’t want it to be.  In technical terms, the large value is not properly validated during the code execution and it can trigger an out of bounds write.  This causes an arbitrary memory overwrite that can effectively result in remote code execution. This is likely to be exploited if someone sends you a maliciously crafted image file as an email attachment or possibly via an instant message.

<<Read more>>

Authors

Avatar

Talos Group

Talos Security Intelligence & Research Group

1 Comment
Avatar

Any good reasons to visit The Hague this month?

hauge

Of course, there are plenty of good reasons to visit The Hague!

For those who’ve never been there before, The Hague (Den Haag in Dutch) is a city located in the western coast of the Netherlands. It is actually the seat of the Dutch government, but the city is not the capital of the Netherlands, which is Amsterdam.

More interestingly for the Telecom industry, The Hague will be hosting, for the first time, the SDN World Congress from October, 10th to 14th.

This is one of the major events in EMEAR to hear directly from key customers and vendors about latest SDN and NFV deployments and innovations.

As every year, Cisco is lining up some great speakers to share with you their industry insights. See below the list of Cisco speaking slots:

speaking sessions

Come to our booth (located on Level 0) to see live demonstrations of the innovative services being deployed using our open and modular architecture that combines SDN, NFV and open source technologies:

  • One demo pod will be showcasing Cisco Network Service Orchestrator (NSO) enabled by Tail-f, an industry- leading orchestration platform deployed in many service provider networks today. It provides end-to-end lifecycle service automation to design and deliver high- quality services faster and more easily. Learn how easy they are to adapt into existing deployments to accelerate service provider revenues while reducing their costs.
  • The other demo pod is showcasing Cisco and Intel NFV Infrastructure QuickStart solution. The Cisco, Intel, and Red Hat partnership on Network Functions Virtualization (NFV) provides a unique environment, in labs and more, for fast-track virtualization adoption and innovation. NFV reduces proof-of-concept (POC) time from weeks to days with a choice of Cisco or customer hosted activities.

We hope to see you there!

Last but not least, if you have some time left before or after the conference, I recommend you to visit the Mauritshuis museum which exhibits many paintings by Dutch masters, such as Johannes Vermeer, Rembrandt van Rijn.

Authors

Avatar

Frederic Trate

Marketing Manager

Service Provider Business Architecture, France

7 Comments
Avatar

Don’t Let Cool New Features Distract from Massive Disruption

Last December at Collaboration Summit we showed how you can integrate desk phones with Cisco Spark. One of the features we demoed was the ability to register a desk phone using a mobile phone generated QR code. This is an incredibly useful and important feature–and a great for an on-stage demo. But, if anyone left that day thinking this was the most important takeaway, they missed the massive disruption that Spark is introducing.

Born in the cloud, Spark is an open and programmable platform designed to deliver the best collaboration technology in the world. With revolutionary capabilities such as business messaging, file sharing, voice and video meetings, calling and more, Spark is bringing many more benefits than any single app.

Spark is entirely built for businesses. With world class security, manageability, compliance, analytics, and the best administrative console in the world it is setting the new standard for business SaaS offers. With all of these capabilities and the ability for developers to build on it, Spark is massively disruptive to leading on-premises unified communications system manufacturers.

If we saw ourselves as a leading on-premises UC system manufacturer, I’m not sure we would have ever introduced Spark at all. We’d be very wary of upsetting the applecart. Instead, we see ourselves as a collaboration business. Every day we come in thinking about how we can create the right collaboration tools, rather than thinking about just a better phone or the ultimate video conferencing system.

This need to think about our customers rather than our products is best articulated in Arthur Levitt’s seminal 1960 Harvard Business Review article “Marketing Myopia.” As the article summary explains,

“For companies to ensure continued evolution, they must define their industries broadly to take advantage of growth opportunities. They must ascertain and act on their customers’ needs and desires, not bank on the presumed longevity of their products.”

In other words: Be customer-oriented, not product-oriented.

Levitt’s most famous example is the railroads. He wrote the article at the end of an era for many railroads, some of which had been the world’s most powerful companies in their heyday. At that moment in 1960, the railroads were rapidly losing passenger business to the airlines. “They let others take customers away from them because they assumed themselves to be in the railroad business rather than in the transportation business,” Levitt wrote. “The reason they defined their industry incorrectly was that they were railroad oriented instead of transportation oriented; they were product oriented instead of customer oriented.”

Looking foward as a customer-oriented business, we believe the desk phone as we have known it will fade over time. Again, this would be worrisome if we consider ourselves a “manufacturer of desk phones.” But I don’t think about our UC team as a maker of desk phones.

I think about the desk phone and conference room speakerphone not as phones, but as small pieces of real estate on the desktop. That real estate will continue to be dedicated to communications. There may be something new in that space. It may look like a phone – it may not. It may have features not seen before, and it may drop some of today as “must have” features. But no matter what the look, I know it will be amazing communications and collaboration tool – and I expect it to proudly carry a Cisco logo.

One final note: In the next few quarters, you’ll see us introduce new video systems and collaboration hardware with cool flashy new features. Remember, those features are definitely important, but don’t let them distract you from the massive disruption happening behind the scenes.

Authors

Avatar

Rowan Trollope

Senior Vice President and General Manager

IoT and Collaboration Technology Group

October 2, 2016 1 Comment
Avatar

Your route to profitable growth is Cisco One

An opportunity to help you, our partners, grow your market share has emerged. By using a Cisco ONE software-led, go-to-market, strategy we will work together to unlock this opportunity. I am truly honored and excited to play a part in leading you in the development of Cisco ONE Software as the cornerstone of your business with us.

By deconstructing software and hardware, we are simplifying how you buy and sell software. How? With separate pricing options that provide incremental opportunities for you to drive a solution-centric, outcome-driven discussion with your customers. This new approach of separate pricing options for hardware and software has sprung a radical change, which provides incremental sales opportunities for you.

This further unlocks the potential of “services led” post sales engagements of lifecycle management, giving you insights and leads into newer areas of investment and technology spend by your customers. This perfectly aligns with our key objective of helping you expand your customer footprint and drive profitable growth. So let me share with you how does this new approach work for you and your customers’ benefit.

 

Perpetual ownership

For a start, Cisco ONE provides the option to own the software assets of our offering for perpetuity. This is a shift from the current right of ownership of the software which is tied to the life of the hardware. The perpetual ownership of software eliminates the need to buy the software again at the time of refresh, substantially reducing complexity and cost.

We are cognizant of the altering technology consumption patterns of our customers, and therefore, in addition to the perpetual option we offer Cisco ONE in a subscription model and as an Enterprise wide licensing agreement (ELA). This empowers you as our partners to offer your customers the flexibility in consuming our software assets.

 

Access to innovation

In this connected age, technology obsolescence and new trends result in shorter product cycles that subsequently increase the pressure to innovate and to provide our customers with the most relevant offerings, which helps them retain their competitive edge in their business.

Organic and inorganic innovation is at the centre of our software transition. We have been adding new software assets to our product portfolio through a very carefully crafted acquisition strategy focussed on software companies in the area of IOT, Cloud, Collaboration, Analytics and Security. These software assets complement our product offers and make our Cisco ONE software strategy more compelling to our joint customers.

Our customers continually benefit from our innovation cycles that give them access to new features and functionalities. A case in point is the integration of our recent acquisitions Lancope and CliQr into our Cisco ONE software bundles.

This, coupled with our engineering innovation cycles, brings together the benefits of organic and inorganic innovation to your customers, enabling them to access latest capabilities immediately.

 

Ease of refresh

The fact that your customers can permanently own the software creates great opportunities for you to drive infrastructure refresh discussions. The cost of software is no longer part of the hardware refresh negotiations. Deals are easier to do, resulting in an upswing in the refresh cycle.

 

Power to the Partner

Another significant aspect that is causing a great deal of excitement is that we are encouraging you, our partners to build proprietary solutions around Cisco ONE. This will help you drive innovation and transform business for customers as they ready themselves to compete & stay relevant in this new digital age.

This ‘software first’ approach is definitely a highly effective way for you to engage with your customers in defining their digital roadmap.

Cisco ONE helps you become more agile and provides an incredible opportunity to move your offerings and value up the IT stack. Your business can focus on delivering superior service, improved customer experience and drive better business outcomes.

 

Evolving our partner programs

We truly believe this software-focused approach to be the key to our joint success. We are constantly aligning our partner programs to guide you towards building a software-driven sales team, invest in pre-sales consultants, post-sales activation and adoption consultants that drive customer success.

Our Value Incentive Program (VIP) incentivizes you to guide your sales efforts and investment towards our software transition. The recently announced Life Cycle Advisor program and the Digital Network Architecture (DNA) offers provide a framework for you to build a successful Cisco software practice.

 

Our Shared Optimism

We are encouraged by the faith and support you have shown in our software strategy over the last two years and are inspired by your resolve to alter your traditional business models to help ride this exciting software journey with us.

I look forward to continuing to work closely with you to address the immense potential and possibilities that lay ahead of us in the APJ region.

We will continue to share product updates and other offers with you regularly through our newsletters and during your engagements with our Partner Managers.

 

What you can do today

Please visit the Digital Ready Sales Campaign website to learn how to initiate the digital ready discussions with your customers.

I also encourage you to stay connected with the regular updates on our software offerings and partner offers through our Cisco ONE Software site for partners. Let’s continue to leverage the Software led GTM & transform your customers to stay competitive in the digital age.

There’s Never Been A Better Time to Change the World Together.

Happy Selling!

 

Tarun Kumar Kalra is based in Singapore and leads the Software & Network Transformation GTM for the partner organization in APJ region.

Authors

Avatar

Tarun Kumar Kalra

GTM Lead, Software & Network Transformation

APJ Partner Organization

September 30, 2016 1 Comment
Avatar

Vulnerability Spotlight: OpenJPEG JPEG2000 mcc record Code Execution Vulnerability

Vulnerability discovered by Aleksandar Nikolic of Cisco Talos

Overview

Talos has identified an exploitable out-of-bounds vulnerability in the JPEG 2000 image file format parser implemented in OpenJPEG library (TALOS-2016-0193/CVE-2016-8332). The JPEG 2000 file format is commonly used for embedding images inside PDF documents. This particular vulnerability could allow an out-of-bound heap write to occur, resulting in heap corruption and lead to arbitrary code execution. Talos has disclosed this vulnerability responsibily to the library maintainers to ensure a patch is available.

Read More

Authors

Avatar

Talos Group

Talos Security Intelligence & Research Group

2 Comments
Avatar

New Cisco WAP361 Indoor Mounting Video now available

Hello friends!

Just a quick note to let you know there is a new Cisco WAP361 Video available. If you didn’t hear about this new model, here are some quick details about this new 11ac, Dual Radio dynamo.

With speeds up to 1.2Gbps, this new model offers a 5-port switch, of which one is a PSE (Power-sourcing-equipment) port that allows a backbone switch to power the WAP. It also offers a PD port where it can power devices such as an IP Phone.

The WAP361 has concurrent Dual Radio’s with 2×2 MIMO with two spatial streams on both 5.0 GHz and 2.4 GHz. It has a unique design that allows for install into an electrical or data junction box, making for upgrades for new and remodel installations. This model is a good fit for conference rooms, school rooms, small businesses with common areas, and in general, service, hospitality, finance and education.

Like all of our switch, routing and wireless models, the standard warranty is Limited Lifetime.

We have some exciting new coming later this fall. More on that coming soon.

Enjoy all,

Marc and the team.

 

 

Authors

Avatar

Marc Nagao

Product Manager

Small Business RV Series Routers