
Do you have customers who come to your website, but are unable to find what they need?

Do your contact center agents have to try to explain over the phone how to find something on the website? Or verbally walk customers through forms and processes?

What if your agents could guide customers directly to the right information instead? And work with them to complete tasks?

If the answers to the above questions are yes, we have good news for you.

Cisco Remote Expert Mobile and Co-browse provides a quick mechanism to set up a web-sharing session with agents/experts. Here’s how it works:

  • A customer can start the interaction by calling into a contact center via a telephone call or text chat on a website.
  • After connecting, if an agent realizes a co-browse session would more effectively resolve the problem, he or she asks the customer to click on a help icon to generate a co-browse code that the customer gives to the agent.
  • The agent uses that code to start the co-browse session. Now, he or she can see the customer’s browser as well as “drive” to highlight, annotate, help fill out forms, and even push documents, images, and URLs. This helps the agent work with the customer to find the information or complete the task needed.


In recent reports, Aberdeen  lists the following as benefits of co-browsing:

  • Customer-satisfaction ratings of 78% with co-browsing compared to 47% for web self-service
  • 4X more positive customer mentions within social media channels
  • 3% annual revenue gain from upsell/cross-sell and fee-based consultation
  • Reduced error rate on customer transactions
  • Improved agent satisfaction through more intuitive customer interaction
  • Reduced online shopping cart abandonment

Cisco Remote Expert Co-browse allows you to integrate digital touchpoints into your traditional deployments. Allowing agents to see exactly what the customer sees helps them guide customers efficiently and identify issues rapidly. For customers, it reduces effort and improves satisfaction levels.

Remote Expert Co-browse is simple to deploy and here are some key points to consider:

  • Customer
    • No software install needed
    • No computer microphone, camera setup required
  • Agent
    • Intuitive instructions to give to customer to start co-browse
    • No VoIP troubleshooting needed
  • Enterprise
    • No telephony integration needed
    • Easy to add to website


Are you using co-browsing within your contact center? Have you experienced it as a customer? Please share your experiences in the comments below.




Authors

Ruchi Gupta

Senior Product Manager

Cisco Customer Collaboration


I can’t pretend not to be disappointed that a jury in federal court, having found that Arista copied Cisco’s user interfaces and that the copying was not justified by the fair use doctrine, applied the little known principle of “scènes à faire” to deny Cisco relief for Arista’s action. In layman’s terms, justification by applying scènes à faire means the jury excused Arista’s copying because they believe that “external factors” dictated the selection and arrangement of some infringed features. We believe they misapplied, or misunderstood, this narrow doctrine developed to make sure copyright infringement does not extend to using commonplace elements from literary works such as a plot device, a character or a setting.

We were pleased that yet a third tribunal (after two separate International Trade Commission judges’ findings) has found that Arista intentionally copied Cisco, rebutting Arista’s claims to have developed their products from “a clean sheet of paper”. We will look to Judge Freeman to determine whether there was sufficient evidence to warrant the conclusion reached by the jury, as well as other grounds for setting aside the trial result.

Arista copied despite the fact that other competitors have developed user interfaces in a wide variety of ways that do not copy. Cisco’s user interface is well-known and successful, and while it has often been referred to as an “industry standard” – meaning a popular benchmark – none of Cisco’s technology in this case has been incorporated in any actual industry standard; in fact, no CLI standards body actually exists.

Our goal has always been to protect technological innovation, and stop Arista from using our copyrighted and patented technology. In the two separate cases before the ITC we’ve made significant progress toward that end. We are pleased the ITC has made a final ruling of infringement against Arista regarding three Cisco patents in the case known as ‘944, and a judge at the ITC has made a finding of infringement on two additional patents in the ‘945 case. It is in some ways ironic that the jury in San Jose heard testimony from Arista executives about their desire to respect others’ IP rights, but did not have the opportunity to hear rebuttals to those claims of respecting IP rights based on Arista’s own proven actions.

Cisco believes in fair competition as well as employee mobility, especially given that both are core elements of the innovation that is necessary in our industry. And we also believe in protecting the hard work of our employees, and the significant investments made to develop great products. This too, is critical for our industry. It motivates inventors to create the new technology that will meet the future needs. It encourages investors to have confidence in our company and its future. Cisco will continue its position of not being a litigious company. We prefer to invest in our people and products. But we will defend both in situations of egregious copying, like we’ve seen in our cases against Arista.



Authors

Mark Chandler

Retired | Executive Vice President

Chief Legal and Compliance Officer


2016 has been a fascinating year for networking. We are obligated to say that every year, but this year truly has seen some landmark innovations. The industry has made some great strides with digital transformation and Cisco has been at the forefront with multiple network innovations and awards.

In my role, I have the pleasure of speaking regularly with our customers – CIOs, CTOs, engineers, line of business owners – as well as partners and service providers about their goals and challenges. At the same time, our own product managers and engineers, the most experienced in the industry, provide me a clear view into market adoption and an inside look at what innovations are just around the corner. No matter the source, one thing is clear: we are standing at the edge of a major technology shift. The past year has paved the way and set the stage for the future – a future that is rapidly coming into clearer focus. Here are ten ways this shift will shape enterprise networking environments in 2017.

1 – WAN Redesign: Many organizations are moving applications to the cloud, and will be making significant changes to their WAN architecture. The traditional “demilitarized zones” at their own data centers will be augmented, or in some cases replaced, by points-of-presence hosted in co-lo facilities. This means there is no need to back-haul cloud-destined traffic to the data center and then to the internet.

2 – NFV Comes to the Enterprise: Virtualization is hot right now – and with good cause. We’re going to see Network Functions Virtualization (NFV) spread from service providers to the enterprise – beginning in the branch.  It will allow those leading-edge network teams with a multitude of branches to more easily provision, chain and scale branch network services.

3 – IoT in the Carpeted World: The Internet of Things (IoT) is becoming widely used in the operational technology (OT) part of the organization. Now COOs are beginning to see the value that IoT can bring to the workplace (the carpeted world). This can be via intelligent lighting, location services in the workplace or connected AC systems. Expect to see companies bringing together the myriad of “things” within their carpeted space and driving more consolidation—all enabled by better security mechanisms like segmentation and profiling.

4 – SDN Moves Beyond the Data Center: The seeds of software-defined networking (SDN) are already taking root in the data center and now the WAN. Expect the SDN seeds to start sprouting in campus fabrics for both wired and wireless environments. The vision of end-to-end programmability and automation across all network domains will start becoming a reality in 2017.

5 – Network Assurance Grows Up, Moves into the Cloud:  Interesting opportunities are being enabled by machine learning.  We’ll see much richer and more capable network assurance and troubleshooting capabilities.  By delivering these capabilities from the cloud and leveraging the aggregated experiences of a broader set of networks, we’ll see much better (and faster) diagnosis and remediation.

6 – Location-based Services Goes from Niche to Mainstream: Wireless environments, especially in industries like retail, healthcare, entertainment and hospitality, are benefitting from the technology finally catching up with the promise of location-based analytics. Improvements in Wi-Fi combined with technologies like Cisco’s Beacon Point will now deliver on the promise of applications like wayfinding and space optimization. The result: location-based services in the enterprise will move from niche to mainstream.

7 – Voice over Wi-Fi at Scale: With VoWi-Fi support extending to Apple iOS devices and with expanded support from some of the major service providers, I think the user experience and roaming cost benefits will become more broadly available and realized this year, making the transfer of mobile calls to a Wi-Fi network more seamless.

8 – Network “Admin” to Network “Programmer”:  As the world of network programmability and SDN become more prevalent, so will the need for new skill-sets. Network admins who can combine deep networking knowledge with programming capability have the opportunity to drive impressive improvements in speed and scale of network ops.  I expect 2017 to be an inflection point in the number of network admins learning value-added programming skills through programs like the Cisco Learning Network.

9 – Programming Moves from Device to Controller: While device-level programmability is a foundation for sustainable automated networking, I predict there will be much more focus this year on moving up the stack to controller-based programmability. This is where the real simplification, scalability and sophistication of the network happens. The majority of programming innovation will happen at the controller level with direct impact on the services traversing the network rather than with individual devices.

10 – Low Power Wireless Access Takes Off: Low Power Wireless Access (LPWA) is beginning to take off and spawn lots of new IoT applications.  It’s an ideal solution for large-scale, low cost, geographically dispersed sensors with low data rate where long battery life/low energy consumption is needed.  LoRaWAN is being used for a broad range of Enterprise use-cases and operators are looking forward to Narrow Band IoT (NB-IoT) to augment their mobile networks.

There you have it – my view on what networking shifts to expect in 2017.

Tell me what you think. Do you agree – or think I missed the biggest network shift since the Internet? I’d like to hear your thoughts and predictions.

 



Authors

Jeff Reed

SVP/GM of Cloud and Network Security

Security Business Group


2016 has been an exciting and eventful year for us at the enterprise networking team in Cisco. The year saw us make some rapid strides with innovation and product development all while being hundred percent customer focused. We delivered on our promise to create the best enterprise networking architecture for our customers. There are several milestones that stand out as I look back at the year.

From a stupendous launch for DNA, the launch of the enabling underlying single unified software stack Polaris, CMX Cloud and IWAN, the team displayed immense passion and a winning desire to continuously innovate. We are still soaking up and working towards the successful launch of our partnership with Apple. Likewise, our acquisition of Lancope provides a heightened level of network visibility, a key pillar to Cisco’s networking and security strategy.

The year was also special, for me personally, thanks in no small part to highlights like TieCon 2016 and the Global Big Data conference, our work on Inclusion and Collaboration and cultivating my social presence. These events shaped me and I owe tremendous gratitude to Cisco, my mentors and managers and my team of rock stars.

As any of you who follow me on social media know, my family is very important to me. In the same way, as a leader, my enterprise engineering family is important to me. Watching each one of you contribute to this great machine that we are a part of has been a privilege and a treat. It is because of this that I can confidently say that although 2016 has been an excellent year, I fully expect 2017 to be even better. I have a team full of people who are dedicated to and passionate about what they do. The future, truly, is ours.

 



Authors

Anand Oswal

No Longer with Cisco


Last year, in order to ensure we were delivering world class professional services for NFV and SDN to our service provider customers, we invested a not insubstantial sum from our services development budget in a market research survey, conducted independently by Ovum, to understand customer needs in this area. As a secondary objective, we sought to  understand Cisco’s perceived position in SDN and NFV professional services across the service provider community – those that are Cisco SDN and NFV customers along with those who are not.  The  good news from our perspective was that Cisco was rated #1!

Figure 1: Vendor Rating by Service Provider Respondents – Cisco Rated #1

Continue reading “The #1 Reason to Choose your NFV and SDN Partner”



Authors

Stephen Speirs

SP Product Management

Cisco Customer Experience (CX)


I hope you’re excited about our next generation 550X, 350X, 350 and 250 series switches. These new switches bring new capabilities, better performance and lower energy consumption at the same affordability of our classic 500, 300 and 200 series switches.

The online emulators for these new switches are now ready. Check them out if you haven’t done so.

While we work hard to bring brand new hardware to you as fast as we can, we continue to add new features to our software, so you can always enjoy additional capabilities on your devices.

Recently, we released version 2.2.5 for the next generation 550X, 350X, 350 and 250 series switches. A huge list of new capabilities is available exclusively on these next generation products.

  • Smart Network Application (SNA) — An application that assists you to manage the Cisco SMB switching network. The application shows you an overview of the network topology, including detailed monitoring information for devices and traffic. SNA also lets you globally view and modify configurations on all supported devices in the network. Check out our previous blog for more information on SNA.
  • iSCSI traffic optimization on 550X and 350X series
  • Enhanced object tracking for VRRP – IP SLA object tracking for 550X series
  • Policy-based routing on 550X series (Added in 2.2.0)
  • Remote SPAN (Added in 2.2.0)
  • Embedded RADIUS server (Added in 2.2.0)
  • Support for 10G SFP+ modules — SFP-10G-SR-S= and SFP-10G-LR-S= SFP+ modules are now supported on 350X and 550X series switches. (Added in 2.2.0)

We’ve also released version 1.1 for our 220 Series Smart Switch with great enhancements. New features include:

  • PoE+ enabled on all ports (previously only the first 4 ports were PoE+ enabled)
  • More energy efficiency features
    • Port LED ON/OFF administratively
    • Time-based port management
    • Time-based PoE
  • Enhanced 802.1X support
    • Single-host, multi-host and multi-session mode
    • Single-host mode violation actions
    • RADIUS VLAN authorization
  • Loopback detection and spanning tree loopback guard

And finally, we released version 1.4.7 for our 500, 300 and 200 series switches. New features include:

  • Support for S-Class 10G SFP+ — SFP-10G-SR-S= and SFP-10G-LR-S=
  • Multicast TV VLAN enhancement — You can now configure up to 256 multicast address ranges and, in each range, you can configure the full multicast address scope.

We hope you’re as excited as we are about those new capabilities. Download the software update today and try them out yourself!

Until next time!

Yours Truly – Aaron and the rest of the Switch Team.



Authors

Aaron Wu

Product Manager – Small Business Switching

Enterprise Infrastructure & Solutions Group (EISG)


Growing up, I’m sure most of you heard someone at some point say, “Finish your plate, there are starving kids in the world!” Especially when your mom decided to try out that new broccoli soup. Yuck! Ever since then, I’ve always had a hard time watching food go to waste – and I take this sentiment truly to heart –  to the point where I always carry snacks with me just in case I see someone who needs it more than I do.

I’m currently on the Engineering Early in Career team in Human Resources, and we plan numerous events throughout the year where we order food through Catering. As an Event Planner you try your best to estimate attendance for your event – sometimes you’re spot on and sometimes you learn from your mistakes. At one recent event, we were in charge of ordering both breakfast and lunch for two days. We expected a large turnout, but unfortunately, we were left with a lot of leftover food.

So what would you do with leftover food that could feed a small army? Most people would probably leave it, right? Or worse yet, throw it away. Not being able to bring myself to either option, I pitched another idea to my manager, “What do you think if we box up this food and take it to the homeless in San Francisco?”

Initially, he looked at me like I might be a little crazy, then a smile crossed his face, “That’s a great idea!”

Seconds later, my team and I were boxing up all the extra food and loading the boxes into my car with our Tetris-like skills. The thought briefly crossed my mind that maybe this was a crazy idea, but I brushed that aside and texted my friend Brittany who lives in San Francisco, “I have a bunch of food leftover from my team’s event today and I want to deliver it to homeless people in the city tomorrow night. Do you want to come with?”

Usually down for anything, Brittany’s response was the one I had been hoping for and we began to plan our evening.  Brittany’s husband also came along for our food deliveries, and before the sun even set – we had made it to a little camp just down the way from their apartment where some homeless were living in small vans or RVs, others had tents and cardboard.

Not wanting to waste any more time, we got to work and started handing out the food. What surprised me most was that everyone was so modest in what they took. They even asked if they could have more than one bagel or juice drink or dessert. We encouraged everyone to take whatever they wanted, there was plenty to go around!

The scene played out throughout the evening as we drove around looking for those who might be hungry. We met people along the way that forever changed my view on the homeless. They were friendly, kind, generous, humble, and had some amazing stories.

On our last stop, we stumbled upon another “homeless camp” where we knew we could unload the last of the food. We parked our car, and headed over with the goodies. Again, everyone only took what they thought was acceptable and nothing more, until we encouraged them to take whatever they wanted.

One of the women said, “I have some friends around the corner that could really use some food if you don’t mind walking with me.” The moment just struck me. She could have whatever she wanted right here and now, but she was thinking of her friends.

We followed the woman around the corner to a couple spots where we found her friends, and we gave away the last of what we had to hand out. The last woman we gave food to told us how her “home” had been vandalized by people walking by. She said she came back one night after she and her husband got into a fight and her “living room” had completely caved in on itself and there was garbage all over the place. Hearing these stories impacted me so profoundly because, especially after getting to know them, I just don’t understand how people could do this to anyone. They have so little already.

This night changed my life, and I was left with so many thoughts swirling through my mind. I was overwhelmed with emotion and compassion for the people we met. Time after time, they offered the food to their friends and others in the area. They took only what they thought was necessary, although they needed so much more. I learned humility, kindness, and loyalty from every path I crossed.

It certainly changed my perspective on how I live my own life. Cisco has such a big part in volunteering and serving our communities and this is why. Sometimes you may think you are just one person – you can’t do much. But you can! And within Cisco there are so many resources to connect you to opportunities that can enable you to give back in ways you never dreamed.

I’m extremely grateful that a mistake like ordering too much food for a Cisco event turned into such a beautiful and positive experience for so many. Some may say that I served the homeless that night, but they also served me in a really big way.

 

Want to join a team that gives back? We’re hiring!



Authors

Alejandra Hernandez

Project Specialist

Engineering HR


Adware has been around for a while now. In principle, displaying advertising in order to finance your software is not necessarily something bad. Users are used to seeing advertising everywhere: newspapers, magazines, and websites. When advertising was introduced to software, users had a surprisingly high tolerance for it. Later, adware applications became more aggressive. Publishers started bundling more applications and taking advantage of the License Agreements to install anything they wanted. Until today, users and companies tolerated these types of applications. Only in rare cases is there a plan in place to remove this software from users’ computers.

In our previous blog, Bad Browser Plug-ins Gone Wild: Malvertising, Data Exfiltration, and Malware, Oh my!, we covered more details about how the ad-injectors work. In this blog we will focus on their network traffic and what information is being leaked.

Figure 1: Advertising-supported software displays advertising in order to generate revenue for its authors. Users are used to tolerating the advertising and companies do not usually have a remediation plan for this type of software. The real risk that adware poses to users is not widely known.

The adware landscape has changed in the last decade. Adware plays on users’ ignorance and blind trust of software manufacturers. Adware is now installing additional software without a user’s knowledge or consent. According to the 2016 Cisco Annual Security Report, more than 70% of organisations surveyed are affected by adware infections every month. By studying the network traffic associated with these types of applications, we discovered the most common risk is the information leakage they cause.

In this blog we expose the type of information usually leaked by these applications and how privacy is being compromised. We will focus on just one group of malicious ad-injector servers tied to more than 700 ad-injector browser extensions and adware applications.

Ad-Injectors, Browser Hijackers, Utilities & More!

In a recent study of the commercial Pay-Per-Install (PPI) ecosystem, [Thomas, Kurt, et al.] present an excellent classification of adware families. The main categories presented are:

  • Ad-Injectors: the most prolific of all, ad-injectors modify the content of the browser in order to display advertising that otherwise would be absent in the visited website (see Figure 2). The majority of the ad-injectors are browser-based infections in the form of malicious browser extensions.
  • Browser Hijackers: this type of adware makes more modifications to the system than traditional ad-injectors, highlighting words, changing the default search engine, showing pop-ups outside the browser.
  • Utilities: using social engineering, these applications trick the user to believe they are offering a benign service. They show problems on the system, such as an infection or poor system performance, and lure users to subscribe to their service to fix nonexistent problems. Utilities applications include system optimizers and software removal tools.
Figure 2: Ad-injectors, browser hijackers and utilities change system settings on the affected computer, leading to insecure configurations. Whether it is in-browser ad-injection, pop-ups, word highlights or offering some fake service, all of them try to redirect users’ traffic to their own websites for profit.

Most of these adware families, from ad-injectors to utilities, are distributed through software bundles. PPI Affiliate Networks are in charge of selecting which software to install, via fingerprinting of the compromised system, and also the level of user consent required on the installations [Thomas, Kurt, et al.]. As exemplified in Figure 3, when the end user installs a seemingly legitimate application such as Merge MP3, other applications will be additionally installed, in this case a FlashBeat Browser Add-On. In many cases, the user cannot refuse installation.

Figure 3: Example of a bundle install, which installs additional software without opt-out option for end users. (Source: https://www.pcrisk.com/removal-guides/8644-ads-by-flashbeat)

There are hundreds, even thousands, of variants of ad-injectors. Grouping or classifying them is truly challenging. In our approach, we focus on the network traffic these ad-injectors generate. We discovered that different families often share the communication mechanism and the ad-injector servers that are used for retrieving the final advertising that is displayed to the user. At Cognitive Threat Analytics, we detect, track and study these groups of similar ad-injector servers. In the next section we will explore one specific group, its network activity and how it may not only collect but also disclose private information from the infected users.

The ‘AMZ’ injection servers

As we mentioned previously, once an ad-injector is installed on the system it will start injecting code in the visited web sites which will load and display the desired advertising. The advertising that is displayed will depend on the economics of the ad-injection server. The behavior associated with the ‘AMZ’ family is shown in Figure 4.

Figure 4 (A): Structure of the main network traffic components of the ‘AMZ’ ad-injector servers. Both URL strings (‘/amz/a’ and ‘/affs?addonname’) are unique to this group of ad-injector servers.
Figure 4 (B) : Information sent by both main network traffic components of the 'AMZ' ad-injector servers. The first one is obtained by decoding the Base64 string of the URL.

In both URLs shown above (Figure 4 (B)), information is sent to the ad-injector servers: affiliate and sub-affiliate IDs, add-on name and HTTP referrer among others. In the last 20 months of data we studied, we identified 700 unique add-ons using these ad-injector servers; the most popular among them are Plus-HD, Cinema-Plus, PassShow and IntelliTerm.

Figure 5: Evolution of one add-on over the last 20 months, from version 1.1 to version 23.08 or version 6. While the versioning is a bit unclear, it shows us that the development is quite active.

Your digital presence exposed, multiple times, to… everyone

The other piece of information being exfiltrated is the HTTP referrer, which turns out to be the most critical one. The logic of ad-injectors is very simple. They will try to inject advertising into every page you open in your browser, making no distinction between external websites, internal websites, local files opened via browser or even browser settings pages. These malicious browser extensions will monitor every page you visit, even HTTPS sites. Additionally, these applications will inject not one but many pieces of advertising in every visited page. Often every piece of injected code will generate one of these HTTP requests to a different server. This leads to a complicated situation, where information is leaked to different servers every time.

A simple field like the ‘HTTP referer’ may leak critical information about the user, such as visited news sites, intranet sites of an organisation, user name, activities, personal preferences, location, political ideology and more. This type of information is usually collected when doing reconnaissance before an attack. In the image below we show some redacted examples of URLs exfiltrated on this ‘referer’ field to illustrate the importance of this field.

Figure 6: Examples of HTTP referrers exfiltrated by these ad-injector applications. Ad-injectors do not distinguish between internal sites, files, error pages or external sites. They will attempt to inject advertising at any level and they see all the sites we visit through our browser.

There are three key problems with such leaked information:

  • Redundancy: multiple ad-injection servers are storing this information simultaneously, right now. When private data is stored in multiple malicious locations (even geographically), it increases the opportunity for misuse by malicious actors.
  • No encryption: the information leaked is sent through plain HTTP to the ad-injector servers, not only exposing your information to them but to anyone that is watching your traffic.
  • Historical visibility: as adware infections are not remediated, these servers are able to store your leaked browsing information for long periods of time, allowing them to build a pretty accurate profile of your online behavior.
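A detection sketch for the leak described above, added here as an example (not code from the original article): it scans proxy log records for cleartext requests to external hosts whose Referer reveals an internal site, a local file or an HTTPS page, and groups the receiving hosts per leaked URL. The log format, host names and internal suffixes are constructed assumptions.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Assumption: hostnames under these suffixes are internal to the organisation.
INTERNAL_SUFFIXES = (".corp.example", ".intranet.example")

# Constructed proxy log lines: client, method, requested URL, Referer header.
SAMPLE_LOG = """\
10.0.0.5 GET http://ads-a.example.net/i.js https://wiki.corp.example/hr/salaries
10.0.0.5 GET http://ads-b.example.org/p.gif https://wiki.corp.example/hr/salaries
10.0.0.5 GET http://ads-a.example.net/i.js file:///C:/Users/alice/report.html
10.0.0.5 GET http://ads-b.example.org/p.gif https://bank.example.com/account
10.0.0.7 GET https://cdn.example.com/lib.js https://news.example.com/today
10.0.0.7 GET http://static.example.com/a.css http://news.example.com/today
10.0.0.9 GET http://portal.corp.example/app.js http://portal.corp.example/
"""

def is_internal(host):
    host = (host or "").lower()
    return any(host == s.lstrip(".") or host.endswith(s) for s in INTERNAL_SUFFIXES)

def classify_referer(referer):
    """Return why a Referer is sensitive when sent in cleartext, or None."""
    ref = urlsplit(referer)
    if ref.scheme == "file":
        return "local-file"
    if is_internal(ref.hostname):
        return "internal-site"
    return "https-page" if ref.scheme == "https" else None

def find_leaks(log_text):
    """Map (client, reason, referer) -> set of external hosts that received it."""
    leaks = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed records
        client, _method, url, referer = parts
        dest = urlsplit(url)
        # Only cleartext requests to external hosts expose the Referer on the wire.
        if dest.scheme != "http" or is_internal(dest.hostname):
            continue
        reason = classify_referer(referer)
        if reason:
            leaks[(client, reason, referer)].add(dest.hostname)
    return dict(leaks)

if __name__ == "__main__":
    for (client, reason, referer), hosts in find_leaks(SAMPLE_LOG).items():
        print(client, reason, referer, "->", sorted(hosts))
```

A leaked URL that maps to more than one receiving host is the redundancy problem from the list above, visible per client.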

Massive Scale

This ‘AMZ’ group of ad-injector servers is quite small in size. In Figure 7, you can see the number of active servers and domains for the past 20 months, which consist of a couple dozen active servers and no more than one hundred active hosts at a given time. While this doesn’t sound alarming, the practice described here is common for other adware families as well. Our research team is tracking more than 80 different groups of ad-injector servers. All present the same behavior: leaking immense quantities of personal information every day.

Figure 7: Mapping of the infrastructure behind the ‘AMZ’ ad-injector servers. While it is quite small in size, the problems described here are shared by many other adware families. At CTA we are tracking more than 80 families of ad-injectors.

Conclusion

While ad-injector adware seems to be only about injecting advertising, it is much more than that. Ad-injectors can leak a tremendous amount of information about our online behavior, our everyday activities, our organisations and our personal preferences. In many cases, third parties can abuse this information and endanger your personal security, or the security of your organisation.

There are three main problems associated with this information leakage that make it even more critical:

  1. Redundancy of the exfiltrated information
  2. Lack of encryption makes the leaked information available to everyone with access to your traffic
  3. Historical visibility, as the adware infections are usually long-lived due to a lack of remediation practices

While having an ad-blocker or script blocker will prevent the advertising from loading and will protect users from the risks of the injected advertising, it will not solve the problem. Not being able to see whether malicious advertising has been injected into a page will make the detection of these infections difficult.

We recommend that, in addition to having these solutions, you pay attention when you visit trusted sites that you know do not carry advertisements. If you visit an internal site and you see advertising, there is a good chance you have an adware infection. These are not to be underestimated. Educate users to report them and include them in your Incident Response plans. While the risks of these individual infections may seem trivial compared to an information-stealing Trojan, adware infections may leak more information than such Trojans. Stay safe.

Where to go next

To request a free evaluation that will uncover adware, as well as command and control communications lurking in your environment, visit: https://cognitive.cisco.com/




Authors

Veronica Valeros

Lead Threat Researcher

Cognitive Threat Analytics


What are your plans for the holiday season? Perhaps you’ll be visiting family or escaping winter weather by heading south of the equator. In my neck of the woods, many of us are also gearing up for winter ski/snowboard trips. That means we need a home away from home for a few days.

In the thick of this holiday travel season, hotels and resorts are preparing for the rush of guests who will be staying at their properties this month. As a result, hotel guest networks are sure to be impacted with mobile devices and bandwidth-heavy data usage, while guests expect seamless, hiccup-free connected experiences.

With Cisco wireless and mobility solutions for hospitality, we keep guest experiences and staff productivity top of mind so you can create the digital hotel of the future, today.

  • Personalized guest experiences with relevant, targeted promotions driven by location intelligence, and integration with property management systems for easy guest wifi access
  • Increase staff productivity by managing queues and allocating staffing through real-time and historical location analytics

For example, Hyatt Santa Clara increased their revenue by up to 20%, raised customer satisfaction scores, and doubled their Twitter following – all by deploying a high-performance Cisco wireless network and CMX location analytics for insights into guests and staff movements through the property.

Cisco Meraki has recently also announced new wireless solutions for hospitality that you can learn about in Pablo Estrada’s blog here.

Want to dig into this a little more? Join the #CiscoChat on Twitter with hospitality experts on Thursday, Dec 15, at 12PM to talk hospitality tech, digitization, and mobility. If you’re in the hospitality and tourism business, let me know in the comments below if you’ve deployed digital solutions to innovate guest experiences.




Authors

Jolene Tam

Product Marketing Manager

Security