Over the past few decades, cloud consumption across the world has grown tremendously. We have seen servers get consolidated into the data center with resulting network simplification. While numerous organizations have been able to build successful businesses and network architectures consuming services from the cloud, there are specific use cases that are challenged with the cloud model. These use cases require stringent availability metrics, stricter data integrity and connectivity nuances that don’t fit well within the cloud model. Based on the specific needs, these use cases require the equipment to be located locally near or on the customer premise. In order to meet the needs of the customer there is a rapidly growing cloud business segment called the hosted private cloud. Cisco and NetApp are excited to deliver a joint hosted private cloud solution called the Managed EdgeCloud.
Cloud-in-a-Box Consumption Model
Network architects recognize that every use case and every workload is different. There are certain use cases that work better with resources that are either dedicated or in close proximity. A cloud-in-a-box solution can be hosted at the customer location as customer premise equipment (CPE) and managed by the service provider. Since equipment is located on the customer premise with the Managed EdgeCloud solution, it is ideal for users that do not want their data traversing the WAN, such as universities and research organizations. The user’s data security concerns are more bounded, given that data storage and usage remains within the local network. Additionally, the workload can be designed to deliver the metrics expected by the users. All of this, while maintaining the ease of consumption with a pure play cloud model. The service provider is still in charge of delivering the solution to the customer and delivering a preconfigured rack to the end customer that only requires connectivity to their network, power, and WAN. Once this is complete, the customer network is ready to go live. From that point onwards, the service provider can open up the solution and continue to monitor and manage it remotely.
Managed EdgeCloud Overview
Service Providers are looking for new ways to deliver value added services to their enterprise customers. They can fulfill this need for Hosted Private Cloud with the Managed EdgeCloud and extend their cloud infrastructure to the enterprise edge. This converged infrastructure solution from Cisco and NetApp is a prepackaged solution that they can be easily deployed at the customer location.
Managed EdgeCloud packs in powerful routing, storage and compute capabilities in a rack with an ability to support multiple concurrent virtual machines. The solution includes the Cisco 4000 Series Integrated Services Routers (ISR 4000) for routing, Cisco UCS E-Series Server blades for compute, and NetApp FAS platform for storage. It is available in different sizes, with the smaller size being a great fit for mid-market and low-end Enterprise branches. Additionally, there are some new powerful UCS E-Series Server blades that will be available in July. Please check out Vikram’s blog for details.
Benefits of Managed EdgeCloud Solution
Managed EdgeCloud delivers the ease of use of cloud, while providing all the benefits of a CPE solution:
OPEX Savings: Just like a pure play cloud solution, customers are saved from the operational overhead of managing their infrastructure, even though the equipment is located on premise.
Predictability: One of the drivers for this use case is the need for predictability from the network, storage and compute that comprise this solution. Customers can now realize the benefits of a cloud based model while avoiding the unpredictability of a cloud based model. This ensures that their business-critical network is always on.
CAPEX Savings: One of the challenges with CPE solutions is the complexity of the network due to multiple components. MEC solution comes prepackaged and saves the customer from having to deploy and integrate various products that often require a multitude of management systems.
Increased Uptime: The customer can now rest easy knowing their network will be always on with the remote monitoring and maintenance by the service provider.
Data Integrity: The customer IT can be assured that the business data and intellectual property is contained and processed locally, since the cloud is located on the premise. This is especially relevant for universities and research organizations.
With the promise of a hosted Managed EdgeCloud, we are just scratching the surface in terms of the options the solution unlocks.
Visit us at Cisco Live Las Vegas – June 25-29, 2017
The Cisco and NetApp team will be showcasing the Managed EdgeCloud solution at Cisco Live Las Vegas. Please visit us at NetApp booth#2115 to learn more about the Manage EdgeCloud solution.
Make sure to follow me on Twitter and LinkedIn and stay tuned for my next blog.
Digitization has resulted in an explosion of people, devices and processes interacting with each other. The current network, built to connect just people, is clearly incapable of meeting this demand. There is a need for unprecedented scale, automation, seamless mobility, visibility and security in the network. This can be made possible only by simplification of infrastructure and automation of network operations. Building this new era of networking has driven Cisco to innovate in many different ways.
Disruptive innovation often happens at the confluence of different domains. Harnessing the value that resides in these intersections results in the creation of disproportionate value. From a networking perspective, this meant innovation at the confluence of hardware and software; wired, wireless and Wide Area Networks (WAN); security and networking; automation and analytics; networking and applications. Cisco’s Digital Network Architecture (DNA) lays out a blueprint to bring together these different vectors of innovation in a cohesive architecture to create the network of the future.
Under the aegis of this blueprint, we recently announced a series of innovations. Innovation at the intersection of hardware and software resulted in the creation of the all-new Catalyst 9000 series, our first set of platforms purpose-built for DNA. Innovation along the vectors of wired, wireless and WAN has culminated in Software Defined Access, the first-ever policy-based automation from the edge to the cloud. The confluence of security and networking has given rise to Encrypted Traffic Analytics (ETA). ETA enhances the ability of the Cisco network to act as a sensor and uncovers threats hidden in encrypted traffic using machine learning (without decryption). Likewise, DNA Center (DNA-C) was a product of the innovation across the domains of network automation and analytics. DNA-C creates an abstracted layer that hides the complexity of networking. It makes available capabilities and insights from the network in simple form for application developers to use without having to learn networking. This platform also abstracts networking into simple, intuitive and intelligent constructs so the network can co-exist with the overall IT infrastructure.
In the industry, we often witness singular, unidimensional progress. What makes me proud of this launch is how we simultaneously delivered innovation across multiple vectors – at the scale we operate at. This is a testament to Cisco’s commitment to long-term, sustainable differentiation and broad-based investment. It is also a reflection of not just our technical depth and breadth but our engineering culture that encourages such cross-domain innovation and collaboration.
We’re awed and stoked by the magnitude of building an intent-based network. Working on this program has been an engineer’s delight. The Network. Intuitive. This isn’t just a new way of networking, although it surely is that, it is a new chapter in our engineering history and transformation.
Over the past 2 years, we have been systematically collecting and analyzing malware-generated packet captures. During this time, we have observed a steady increase in the percentage of malware samples using TLS-based encryption to evade detection. In August 2015, 2.21% of the malware samples used TLS, increasing to 21.44% in May 2017. During that same time frame, 0.12% of the malware samples used TLS and made no unencrypted connections with HTTP, increasing to 4.45%.
Identifying threats contained within encrypted network traffic poses a unique set of challenges. It is important to monitor this traffic for threats and malware, but do so in a way that maintains the privacy of the user. Because pattern matching is less effective in the presence of TLS sessions, we needed to develop new methods that can accurately detect malware communication in this setting [1,2,3]. To this end, we used the flow’s individual packet lengths and inter-arrival times to understand the behavioral characteristics of the transmitted data, and we used the TLS metadata contained in the ClientHello to understand the TLS client that is transmitting the data. We combine both of these views in a supervised machine learning framework allowing us to detect both known and unknown threats in TLS communication.
As an overview, Figure 1 provides a simplified view of a TLS session. In TLS 1.2 [4], the majority of the interesting TLS handshake messages are unencrypted, and are displayed in red in Figure 1. All of the TLS-specific information that we use for classification comes from the ClientHello, which will also be accessible in TLS 1.3 [7].
Data
Throughout the life of this project, we have maintained that the data is at the heart of our success. We have teamed with ThreatGrid and Cisco Infosec to acquire malicious packet captures and live enterprise data. These data feeds have helped to guide our analysis and develop the characteristics of a flow that are most informative. To provide some intuition about why the data features that we have analyzed are interesting, we first focus on a particular malware sample, bestafera, which is known for keylogging and data exfiltration
Behavioral Analysis through Packet Lengths and Times
Figure 2 shows the packet lengths and inter-arrival for two different TLS sessions: a Google search in Figure 2a and a bestafera-initiated connection in Figure 2b. The x-axis represents time, the upward lines represent the size of packets that are sent from the client/source to the server/destination, and the downward lines represent the size of packets that are sent from the server to the client. The red lines again represent unencrypted messages, and the black lines are the sizes of the encrypted application_data records.
The Google search follows a typical pattern: the client’s initial request is in a small outbound packet, followed by large response spanning many MTU-sized packets. The several packets going back-and-forth are due to Google attempting to auto-complete my search while I was still typing. Finally, Google thought it had a pretty good idea what I was typing, and sent an updated set of results. The server that bestafera communicated with began by sending a packet containing a self-signed certificate, which can be seen as the first downward, thin red line in Figure 2b. After the handshake, the client immediately begins exfiltrating data to the server. There was a pause, and then the server sent a regularly schedule command and control message. Packet lengths and inter-arrival times can’t provide deep insight about the contents of a session, but they do facilitate inferences about the behavioral aspects of a session.
Fingerprinting the Application with TLS Metadata
The TLS ClientHello message provides two particularly interesting pieces of information that can be used to distinguish different TLS libraries and applications. The client offers a server a list of suitable cipher suites ordered in the preference of the client. Each cipher suite defines a set of methods, such as the encryption algorithm and pseudorandom function, that will be needed to establish a connection and transmit data using TLS. The client can also advertise a set of TLS extensions that, among other things, can provide the server with parameters needed for the key exchange, for example ec_point_formats.
The cipher suite offer vectors can vary in both the number of unique cipher suites offered and the different subgroups offered. Similarly, the list of extensions varies based on the context of the connection. Because most applications typically have different priorities, these lists can and do contain a great deal of discriminatory information in practice. As an example, desktop browsers tend to favor heavier weight, more secure encryption algorithms, mobile applications favor more efficient encryption algorithms, and the default cipher suite offer vector of clients bundled with TLS libraries typically offer a wider range of cipher suites to help with testing server configurations.
Most user-level applications, and by extension a large number of TLS connections seen in the wild, use popular TLS libraries such as BoringSSL, NSS, or OpenSSL. These applications usually have unique TLS fingerprints because the developer will modify the defaults of the library to optimize their application. To be more explicit, the TLS fingerprint for s_client from OpenSSL 1.0.1r will most likely be different than an application that uses OpenSSL 1.0.1r to communicate. This is also why bestafera’s TLS fingerprint is both interesting and unique: it uses the default settings of OpenSSL 1.0.1r to create its TLS connections.
Applying Machine Learning
Feature Representation
For this blog post, we have focused on straightforward feature representations of three data types: traditional NetFlow, packet lengths, and information taken from the TLS ClientHello. These data types are all extracted from a single TLS session, but we have also developed models that incorporate features from multiple flows [1]. All features were normalized to have zero mean and unit variance before training.
Legacy. We utilized 5 features that are present in traditional NetFlow: the duration of the flow, the number of packets sent from the client, the number of packets sent from the server, the number of bytes sent from the client, and the number of bytes sent from the server.
Sequence of Packet Lengths (SPL). We create a length-20 feature vector, where each entry is the corresponding packet size in the bidirectional flow. Packet sizes from the client to the server are positive, and packet sizes from the server to the client are negative.
TLS Metadata (TLS). We analyze both the offered cipher suite list and the list of advertised extensions contained in the ClientHello message. In our datasets, we observed 176 unique cipher suites and 21 unique extensions, which resulted in a length-197 binary feature vector. The appropriate feature is set to 1 if that cipher suite or extension appeared in the ClientHello message.
Learning
All of the presented results use the scikit-learn random forest implementation [6]. Based on previous longitudinal studies that we conducted, the number of trees in the ensemble was set to 125, and the number of features considered at each split of the tree was set to the square root of the total number of features. The feature set used by the random forest model was composed of some subset of the Legacy, SPL, and/or TLS features depending on the experiment.
Results
We sampled 1,621,910 TLS flows from one enterprise network, Site1, and 324,771 flows from ThreatGrid (collected between August 2015 and December 2016) to train our random forest model. We then simulated deploying the model on unseen data from a separate enterprise network, Site2, and malware data collected during the two months following the previous data set. There were 2,638,559 sampled TLS flows from Site2 and 57,822 TLS flows from ThreatGrid during January and February of 2017. Table 1 presents the results of this experiment at different thresholds. 0.5 is the default threshold of the classifier, and the higher the threshold, the more certain the trained model has to be to determine that the TLS flow was generated by malware. The malware/benign accuracies are kept separate to demonstrate feature subsets that overfit to a particular class. For example, Legacy can achieve near perfect accuracy on the benign set, but these features fail to generalize to the malware dataset.
At a threshold of 0.99, the classifier using the Legacy/SPL features correctly classified 98.95% of the benign samples, and 69.81% of the malicious samples. These results are significantly improved upon if we combine information about the application (TLS) with the behavioral characteristic of the network traffic (SPL). The combination of Legacy/SPL/TLS was the best performing model on the benign and malware samples. At a threshold of 0.95, this model achieved accuracies of 99.99% and 85.80% for the benign and malicious hold out datasets, respectively.
Conclusion
Decryption solutions are not ideal in all settings due to either privacy concerns, legal obligations, expense, or non-cooperating end-points. Cisco has devoted time (mine especially) to developing research and products to fill these gaps and compliment current solutions. Our validation studies on real network data have shown that we can achieve reliable detection with minimal false positives. In addition to engaging Cisco product teams to further develop this work, we have spent time engaging a broader external audience through open source [5] and academic papers [1,2,3].
References
[1] B. Anderson and D. McGrew. Identifying Encrypted Malware traffic with Contextual Flow Data. In
Proceedings of the 2016 ACM Workshop on Artificial Intelligence and Security, AISec ’16, pages 35-46,
2016.
[2] B. Anderson and D. McGrew. Machine Learning for Encrypted Malware Traffic Classification: Accounting for Noisy Labels and Non-Stationarity. In ACM SIGKDD International Conference on Knowledge
Discovery and Data Mining (KDD), 2017 (To Appear).
[3] B. Anderson, S. Paul, and D. McGrew. Deciphering Malware’s use of TLS (without Decryption). ArXiv
e-prints, July 2016.
[4] T. Dierks and E. Rescorla. The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246
(Proposed Standard), 2008.
[5] D. McGrew, B. Anderson, B. Hudson, and P. Perricone. Joy. https://github.com/cisco/joy, 2017.
[6] F. Pedregosa, G. Varoquaux, A. Gramfort, V. Michel, B. Thirion, O. Grisel, M. Blondel, P. Prettenhofer,
Weiss, V. Dubourg, J. Vanderplas, A. Passos, D. Cournapeau, M. Brucher, M. Perrot, and E. Duch-
esnay. Scikit-learn: Machine Learning in Python. Journal of Machine Learning Research, 12:2825-2830,
2011.
[7] E. Rescorla. The Transport Layer Security (TLS) Protocol Version 1.3 (draft 20). https://tools.ietf.org/html/draft-ietf-tls-tls13-20, 2017.
It started in 2016 when we hosted two Partner Summits in the same year. That’s when we really began to walk the talk of recognizing our partners as an extension of our sales force. Alignment is one of Wendy Bahr’s guiding principles for our mutual success, and moving Partner Summit to follow GSX, our annual sales kickoff event, is one of the ways we create greater alignment between Cisco sellers and partners.
Our partners, who account for 85 percent of Cisco sales, play a critical role in shaping our business strategy and taking our solutions to market so you need to be looped into Cisco news, education, and customer conversations at every opportunity.
The newest opportunity to align is Cisco Live. For the first time, we are creating a dedicated partner track at this traditionally customer-focused event for IT professionals. Partner Days, June 26 – 28 in Las Vegas, will give you first-hand access to cross-architectural content and the chance to network with customers and other partners. With Tuesday’s announcement of “intent-based” networking systems, it is sure to be an exciting event, as we usher in a new dawn of networking.
The opportunity to profit through software sales and recurring revenue just got a lot bigger. If you’re a collaboration partner, you’re already well down this road with the Cisco Spark platform and Flex Plan. To lead our customers through digital transformation, it’s more important than ever to build your lifecycle practice, focus on software selling, and modernize our customers’ installed base.
I hope to see you next week at Cisco Live where you’ll hear all the latest about the new network. Be sure to attend the two collaboration innovation talks: “The 90s Called – They Want Your Workplace Back,” presented by Jens Meggers at 5 pm Monday, June 23 and “Worried about Putting Your Data in the Cloud? Good, You Should Be,” presented by Jonathan Rosenberg at noon, Thursday, June 25. Stop by the Collaboration Partner Village where 22 of our partners will showcase and demo how they work with Cisco. Partners who attend will also be able to meet 40 of our collaboration customers on Wednesday afternoon when they tour the partner pavilion. Let’s take advantage of this new way to align.
I am headed to Cisco Live in Las Vegas and I am looking forward to meeting with our partners and customers to learn more about their cloud plans and challenges.
Believe it or not, cloud has been around for at least ten years, and yet all the data points at my disposal tell us that there is room for continuous improvements since very few organizations have optimized cloud strategies in place. In other words, not many organizations have been able to define and implement their multicloud strategy to meet their objectives while extracting maximum value.
According to an IDC study, almost 70% of organizations lack advanced cloud strategies. The question is why? We decided to study a bit closer that 3% of organizations that are leading the way with optimized cloud strategies. And we did that for a couple of reasons. First, because they have been able to report greater business impact across a broad range of KPIs but more importantly also because we wanted to know what common traits they have and what capabilities enables them to get more value from their multicloud environments. We have captured many of these learnings in our Cisco Business Cloud Advisor (BCA) framework enabled by IDC.
You may have already read about the positive business outcomes that cloud optimized organizations on average can achieve. You can download the IDC InfoBrief to get a good overview.
Looking at the other side of the coin, what are the traits that cloud optimized organizations share from a technological point of view? Well, typically, the most mature cloud organizations tend to use DevOps more aggressively; they have a higher propensity toward hybrid and multi-provider clouds, and exhibit higher appetite for microservices architectures and containers. Cloud optimized organizations are also more likely to consume cloud-based security and Internet of Things (IoT) applications.
Specifically, 84% of optimized cloud organizations expect to choose from multiple cloud providers. They want a robust cloud strategy and they deploy workloads across multiple clouds to meet their objectives: Different clouds for different crowds.
Interest in containers and microservices architectures is also very strong across optimized cloud organizations. Organizations with lower levels of cloud ‘maturity’ do not exhibit the same capabilities or appetite to acquire those capabilities. Regarding DevOps, we all know that (at least intuitively) it is a best practice …. but it was great to see adoption of DevOps methodologies so closely aligned with cloud optimized organizations.
As always, it is not just about technology. Cloud optimized organizations also have solid governance practices in place with strong alignment between business and IT stakeholders. Other barriers that organizations often need to overcome include:
Line of business (LOB) and Information Technology (IT) misalignment
Insufficient monitoring, measurement and management tools for ‘hybrid IT’ environments
Potential processes, procedures, and skills gaps
Best placement of applications across multiple cloud deployment models
Integration with existing IT footprint
IoT and security applications delivered from cloud environments are contributing to the growth of the cloud market. At first, it is counterintuitive, because security is one of the major barriers to hybrid cloud adoption. And yet, as organizations mature in their use of cloud services, they tend to consume more security solutions delivered from the cloud. (see also my previous blog on the topic).
From an anecdotal point of view, our customers have shared with us similar perspectives: Cloud-based IoT applications rank high in the list of priorities that they have, second only to PaaS:
Source – Cisco BCA Adoption Report respondents N = 582
I will be discussing some of these topics during a breakout session at Cisco Live! next week bright and early on Monday morning. My intent is to discuss the Cisco Business Cloud Advisor framework and how you can take advantage of this data driven, IDC-enabled framework in conjunction with the capabilities that our partner community has to offer. Stop by and share with us your challenges!
TGIF! Cisco Live US 2017 is finally just a weekend away and I couldn’t be more excited to head to my first ever #CLUS! With about 27K+ people expected to attend in-person, over 170K attending virtually, and over 750 sessions across 10 different technology tracks, there’s so much to see and do and so little time to do it all! Needless to say, this is our biggest and best ever CLUS yet and I can’t wait to share the excitement with you, our esteemed customers and partners. We at Cisco, know how every day at the office is a new adventure for you. How hard you work to evolve, transform and protect your IT environment to keep pace with the ever-increasing demands of your end users. It’s no easy task, we’ll give you that- you’re the ones who hold IT all together; who keep IT running; the ones who will transform IT into a future that will truly amaze. You’re the ones. Heroes, Superheroes. You are IT and we salute you!
Which Superhero are you?
It’s about time your tireless efforts get the recognition they deserve, and this year’s Cisco Live has been created with exactly this mission- to celebrate YOU! We want to make sure you have the best time ever, in hot and happening Las Vegas, with all the fun, exciting events we have planned for you. I’m especially thrilled about the cloud sessions and activities that we have so carefully curated to ensure that you are empowered with the cutting-edge on everything cloud, making you true champions of the cloud. So, pay no heed to the tech villains lurking around. When you’re a Superhero, saving the IT world every day, it pays to have your head in the clouds.
To help you maximize your time at #CLUS (so you can head to the casinos at night with a ‘wealth’ of information), we have created a quick roundup of all the top activities you must check off your list:
Kick off #CLUS in style with the big man himself, Cisco CEO, Chuck Robbins. In his opening keynote on Monday at 10.30am, Chuck will share with you your mission, should you chose to accept it, to create the new era of networking. #NetworkIntuitive.
Make sure to visit the Data Center and Cloud booth (#429) at the Cisco Campus in the World of Solutions. Here, you can explore the latest Cisco data center and cloud solutions and get some hands-on action with live demos.
Meet with the cloud experts at the Cloud Education Zone or schedule a 1:1 meeting at the Whisper Suites. We are busting some cloud myths here once and for all.
Assess your cloud maturity by taking the Cisco Business Cloud Advisor (BCA) survey. Leverage IDC research on 6000 companies in 30 countries to learn the best practices for an optimized cloud strategy.
Elevate your expectations from cloud at the ‘Cloud Day’. Explore what cloud can do for you with security, networks and services for the cloud. Engage in a panel discussion with Cisco, SAP and Equinox.
Evolve, upgrade and manage your multicloud environment with cloud-focused sessions happening all week. These cover a wide array of topics such as ‘Cloud Strategy for a Multicloud World’, ‘Improving your Multicloud Journey’ and ‘Bridging the Cloud Gap’. For more information on all the cloud sessions and activities click here.
Don’t forget to create some 24K magic with Bruno Mars at our Customer Appreciation event on Wednesday at 6pm. After all, Superheroes need to have fun too (and boogie all night while they are at it!)
Top it all off with tons of opportunities to win some exciting superhero swag such as cloud tees, Amazon Echo Dots and even a mini drone! Just attend the Education Zone sessions, take the BCA survey or share your social media updates with #CLUS and #CiscoCloud
Even Superheroes have a dark side. End #CLUS on a high note with ‘Breaking Bad’ star, Bryan Cranston, at our celebrity keynote session on Thursday at 4pm.
Sounds like an information overload? No problem. Download our mobile app to help you access your personal schedule and recommendations on the go, network with other attendees, and navigate Cisco Live like a pro.
For those who can’t make it in-person, don’t FOMO. You can catch all #CLUSremote updates from the beach, pool or virtually anywhere. You can even view all the action in real-time via the live broadcast here.
I hope you’re now as kicked as I am about Cisco Live! #CLUS2107 is truly a star-studded event worthy of the Superhero that you are. So, grab your cape and register now if you haven’t already. We look forward to you saving the day at #CLUS!
Boats are a passion of mine. As any boating enthusiast will attest, boat owners are constantly looking for enhancements – a tweak here and there to improve their vessel and their experience on the water. However, you reach a point when there’s nothing left to fine tune and if bigger and faster is the goal, you have to buy a bigger boat.
Customer service follows the same premise. There are areas where small, incremental changes are an effective way to improve customer experience. But, as customer demands and expectations increase, a “bigger boat” approach may be required where you implement transformational changes to processes and systems that aren’t meeting customer needs.
Listening to customers is the best way to determine the extent of change necessary. Cisco has various customer input methods, but face to face interaction is one of the most valuable and effective. Customer events like Cisco Live are a great place to connect and gather feedback through interactive listen and learn activities in our Cisco Experience (CX) Lab.
We have a great team who takes this show on the road to Cisco Live venues around the world. Lauren Wright from Cisco Marketing recently set a course for Cisco Live Melbourne where the CX Lab engaged customers on experiments in three focus areas: digital transformation, post-purchase experience, and their online experience with Cisco.
I asked Lauren to explain the CX Lab activities in more detail, what they’ve learned so far, and how we’ll use the feedback to determine any major or minor adjustments needed.
Guest Author: Lauren Wright, Cisco Marketing
We’re navigating the globe, getting to know and understand our customers better so we can improve interactions with Cisco. The CX Lab is our workshop where we apply principles like human-centered design and qualitative research methodologies. This powerful combination helps us understand customer care-abouts on a deeper level.
But wait! Don’t let these research terms give you the wrong impression. We’ve designed the CX Lab to be interactive and fun – a must-see booth at our Cisco Live events. As Curt mentioned, we focused on three topics this year, gathering feedback to shape and improve these areas. Here’s an overview of what we did:
1. Digital Transformation – What does it mean for you?
Ahoy, mateys! If you’ve set sail on a digital transformation journey, we want to understand what you need from Cisco. Based on a sailboat analogy (just for you and the boaters, Curt!), this CX Lab experiment prompts your thinking about what’s driving your organization towards digital transformation or what’s holding you back. We also navigate into more treacherous waters using a pirate ship metaphor to get your input on the role of security as it relates to digital transformation. Insights from this exercise help Cisco articulate our vision for digital transformation and how we can help our customers get on board.
2. Post-Purchase Experience – You purchased a Cisco product, now what?
In this exercise, we walked in your shoes to learn what you experience when receiving, installing, using, and renewing Cisco products and services. Using an emoji scale ranging from big smiles to angry frowns (and every emotion in between), customers expressed a sentiment about each phase. With this feedback, we can streamline renewal experiences and make them more effortless. Results so far have given us improvement ideas such as enhancing post-sales care with onboarding materials for new products and doing a better job of incorporating training.
3. Online Personalization – You be the cisco.com designer
Using a whiteboard and magnets representing various tools and resources, customers and partners built the cisco.com of their dreams, customized with videos, white papers, product overviews, statistics, self-help channels, and other modules exactly where they want them. This exercise showed us how our site is used, what’s working, and where the experience breaks down. Feedback has helped us de-clutter and clean up cisco.com pages by prioritizing content, eliminating or updating outdated content, and adding new information such as data sheets and installation guides.
Our next port of call is Cisco Live Las Vegas June 25 – 29. If you’re attending the conference, please stop by and explore the CX Lab and experiment with us. You can also reach out to us directly at cxlab@cisco.com and we’ll set up some time to talk. Hope to see you in Vegas!
Next week at CiscoLive we will begin to introduce the next evolutionary step for Unified Computing. UCS was conceived a decade ago with the ambition to tackle some of the hardest problems that existed in the data center. The architecture that emerged from that thinking has changed the shape of the industry and changed the game for thousands of IT organizations. A project we call Starship defines where we will go from here.
Let’s Take this Party to the Cloud
The term “Merakification” has been coined inside Cisco to describe evolving our products to a cloud-managed paradigm. With UCS we’ve already centralized systems management and orchestration in the fabric. With Starship we move it to the cloud, and that’s a big deal.
Follow your Intuition
We think it’s time to start letting the machines manage the machines. With Starship we will build a cloud-scale foundation to collect, baseline and analyze system telemetry to feed recommendation engines and deliver actionable intelligence to IT. We see the potential for systems to constantly optimize themselves and take more operational burden off of our customers’ shoulders. It’s time to personalize the experience to their role, make it much more dynamic, and continue pursuing our goal of pervasive simplicity. This is the path to intuitive infrastructure.
Secure the Future
The best way to prepare for the unexpected is to build on an architecture that can adapt quickly and efficiently to changing requirements. That’s been a hallmark of UCS from the beginning. The first phase of Starship is coming later this year, and as a SaaS platform, will inherently provide a level of operational and architectural futureproofing that can’t be achieved with infrastructure-based approaches we’re familiar with today. If you’re making any big decisions about which computing architecture is going to carry you forward strategically, Project Starship is something to be aware of.
If you’re at Cisco Live next week and want to learn more, please join us the session noted below. We have a great panel lined up to discuss this and to share more about the project. You’ll also find a couple of demos available in the UCS area in the World of Solutions so please come by…and while you’re at it feast your eyes on our beautiful new M5 server lineup, which will be out as a preview as well.
There is a lot more to come on this topic so please keep an eye on the blog and stay tuned in with #CiscoUCS#CiscoHX.
I recently took part in a plant tour with a manufacturer in the early days of modernizing its plant floor. Two decades old, this factory had always relied on manual data collection. The team hand-carried operational data back to the office to be correlated and analyzed. Then they would make improvements or address issues they found during the evaluation.
It remained a long, tedious process and a task the operations and IT teams performed begrudgingly on top of their day-to-day responsibilities.
Upgrading the network to support better plant-wide communications
Installing Wi-Fi access points to collect data using handheld scanners
Upgrading their new manufacturing cells so they can integrate their manufacturing execution system (MES) to access data directly from the plant floor.
The overall goal of these solution investments is to improve production and yield. By centering on focused and achievable outcomes, this manufacturer is well on its way to building a platform to better support applications and infrastructure. In turn, that platform will make the company more efficient and improve its bottom line.
Real world deployments for industrial applications
This case study is just one example of an effective real-world deployment, but there are countless stories everywhere about why why industrial IoT projects fail.
