
The NIST Cybersecurity Framework is the core of the president’s recent cybersecurity executive order, and even before it became the foundation of a mandate it was darn good advice.

However, there is no one easy way to align a given IT organization with the framework; each one has its own unique considerations, limitations and advantages. To help federal IT leaders figure it out, Cisco Senior Director of Security Sales Will Ash and Public Sector Cybersecurity Specialist Steve Caimi offered some insights in an interview with FedScoop.

Key takeaways:

Pay Attention: The framework is centered on managing risk, Caimi noted. However, each agency’s risk profile is different. That is a challenge, but also part of why the framework is powerful. It requires IT leaders to take an individual approach to assessing and understanding their own risk.

Follow the Risk: Once an agency has developed its own target profile, an analysis of areas of greater or lesser risk, it should let that profile inform its investment decisions, Caimi advised.

Remember the People Factor: Cybersecurity technology is robust and mature. However, Ash noted, a federal agency’s cyber workforce, and agency processes, often are not. “Even the most sophisticated and well-designed technology really can’t live up to the potential talent shortages or a lack of talent,” he said in the interview.

Leaders Must Step Up: The Executive Order specifies that agency heads will be held accountable for meeting the order’s requirements. That will serve as a spur to many to get involved in the process, where they might not have been before, Ash said.

Read the interview for more great insights from Steve and Will.

Authors

Michael Hardy

US Federal SME

Cisco Americas Public Sector


Transforming the way we do business

The Cisco Enterprise Agreement transforms the way Cisco sells software and the value we offer to the relationships we have with our customers and partners.

The Cisco EA is a cross-architecture, multiyear agreement that provides organizations enterprise-wide entitlement to suites of products and services. It provides access to any or all of the capabilities in collaboration, infrastructure and security with room for customers to grow later.

The benefits of Cisco EA go beyond the capabilities within the suites themselves. The agreement delivers an enhanced customer experience with flexibility in how they purchase Cisco software, and how they deploy it (on-premise, cloud, SaaS, hybrid, etc.).

Cisco EA supports customer transformations through digitization.

Transformation (noun): a thorough or dramatic change in form or appearance

Customer business transformations start with digitization and digitization starts with connecting people, devices, locations and data. Because a business transformation does not happen overnight, numerous issues can and do arise in a multi-year journey. Markets and industries often move faster than the rate of business transformation; this requires that companies have a flexible way to purchase, deploy, and adopt multiple products and services to be agile and stay competitive.

The Cisco EA supports a customer’s entire business transformation lifecycle by providing:

  • Faster, scalable, and optimized network connections with analytic capabilities that monitor status in real-time with Cisco ONE suites
  • Simple, intuitive applications to increase productivity and collaboration with the Spark collaboration suite
  • World-class security everywhere with Cisco security suites – built to work with Cisco or competitive products

All of these benefits are provided in a simple, flexible, and scalable way.

In addition to transforming their existing business with the ease of purchase that a Cisco EA provides, customers can also expand into new business opportunities by taking advantage of the “True Forward” and “Growth Allowance” features of the agreement. They help customers grow and consume Cisco software products worry-free and without penalty.

Cisco EA supports Cisco and partner transformations through standardization.

The Cisco EA standardizes the way we support our software business strategy of delivering ongoing value to customers, and how we support customer transformations through digitization. As Mark Hill, VP Digitization, makes clear, only the Cisco EA offers access to a deep portfolio in a single agreement. Cisco is the only IT company that has the depth of portfolio to effectively support customer digital transformations.

The Cisco EA drives scale and maximizes revenue opportunities for partners and for Cisco. The new, centralized, standardized framework accelerates the time to market of new product and service offers to all existing and new customers, and simplifies field and partner-led sales motions to accelerate future adoption of the program.

To find out more about the Cisco EA, please visit www.cisco.com/go/ea

Authors

Hyunil Kim

Director, Strategy & Planning

CPO | Cisco Plus Operations


Enable rapid delivery of Cisco Intelligent WAN service using self-service portal and zero-touch, fully-automated provisioning

Written by Dave Roberts, Director of Virtual Managed Services (VMS) at Cisco

Cisco recently announced that Verizon is now using Cisco’s Virtual Managed Services (VMS) as the foundation for the delivery of its SD-WAN service. Leveraging VMS, Verizon can now help enterprises to quickly place an order for SD-WAN services based on Cisco’s Cloud Managed IWAN and configure those services with the click of a button using VMS’s end-user portal. Setup and configuration are made simple with VMS’s zero-touch provisioning features. After the enterprise orders the service, VMS’s automated SD-WAN provisioning system takes over and new devices are added to the customer network in minutes, not months. If customers already have compatible equipment, there’s no need to wait for new equipment to be shipped and the service can be live with just a few clicks.

Cisco Virtual Managed Services

Cisco’s VMS is a software-defined services platform for managed service providers that enables the rapid delivery of profitable SD-WAN, security, and assurance services. VMS provides a self-service user experience and embedded orchestration infrastructure, allowing it to achieve an ROI of 200% and an OPEX reduction of 78% for the service provider. VMS works with the ubiquitous installed base of Cisco products and can be extended by service providers to create highly-differentiated offerings using both Cisco and 3rd-party technologies. VMS is extremely flexible and can deliver services based on software-defined network functions or physical hardware, deployed in the cloud or on the customer premises, ensuring that the system accommodates future service definitions and grows with the service provider.

Software-defined WAN (SD-WAN) is a new technology that provides enterprise customers with a simple, flexible, and cost-effective WAN transport. Cloud Managed IWAN is Cisco’s version of SD-WAN based on a variety of Cisco technologies already embedded in Cisco routers and firewalls. IWAN provides a flexible network topology using a variety of WAN transport types, including MPLS, LTE, and Internet. IWAN embeds intelligence in the network endpoints to route traffic over the best transport type given the importance of the traffic as determined by the end-user. For instance, an enterprise may decide that video conferencing traffic is business critical and should be routed over a high-performance MPLS network while web browsing is less critical and may be run over a less costly Internet link. If either of the links fails, IWAN routes the traffic over the remaining link as a backup. IWAN also makes security easy. Previously, creating a large VPN network required the configuration and maintenance of a large number of point-to-point VPN tunnels. This was complex, time-consuming, and error-prone. In contrast, IWAN creates a mesh of dynamic VPN tunnels between all the sites of a large network, optimizing performance without increasing complexity. All IWAN traffic is encrypted by default, helping enterprises maintain high levels of security without increasing complexity.

VMS makes it easy for service providers to deploy IWAN as a profitable SD-WAN service offering.

Supporting Resources
•  Cisco Virtual Managed Services
•  Verizon+Cisco SD-WAN Workshop for Enterprises

Authors

Melissa Zelyez

Marketing Manager

Virtual Managed Services


“Dog years” is a term usually used to describe the age of a dog, following the rough formula 1 human year = ~7 “dog years.” I often feel that technology runs in its own form of dog years. With every human year that goes by, the rate of technology innovation accelerates. This ever-accelerating rate of change poses a big problem for the heart of many IT networks, the switch ASIC.

Thankfully, with Cisco’s Digital Network Architecture (DNA), flexibility sits at the core of the network thanks to programmability all the way down at the chip level. Your network needs to adapt, and this flexibility should not be inhibited by the ASICs of network switches. Cisco believes investing in network hardware shouldn’t be a risk, and that our customers should have access to not just current, but future unforeseen innovations.

At the heart of each network switch is an ASIC. The typical network switch ASIC wasn’t designed with flexibility in mind. Speed was the primary objective, and the tradeoff was flexibility and the ability to add new features in the hardware. This created a big challenge, as ASIC development had to start 2-3 years in advance of a new switch and the new switch would then live on for 5-7 years in a customer’s network. This means a switch needed to be designed upfront with all the features it might need at the ASIC level for it to last up to a decade. A decade of “IT years” can bring forth a tremendous amount of change. For instance, the iPhone was first introduced ten years ago. It would have been almost impossible to foresee how the smartphone would completely change how people work. For years, IT shops made this limitation work as they lacked a ready alternative, but this ASIC-level limitation has greatly limited the flexibility and agility of modern networks. Cisco Engineering teams realized that with the rapidly evolving networks of today, businesses would need something different.

The Cisco Unified Access Data Plane (UADP) switching ASIC, which acts like an anti-aging treatment for your network, enables your network to keep up with innovations over time. With the UADP, IT teams can do a simple software upgrade and get a whole new set of network capabilities—all delivered at hardware speeds—because of the programmability of the UADP switching ASIC.

Episode three of Cisco’s five-part innovation series, “New Frontiers: IT Innovations in 5 minutes,” explores how businesses can engage hardware in their efforts to ensure their network is adaptable and flexible into the future. In this episode, you will meet Dave, an engineer who explains how the UADP switching ASIC will transform the way IT professionals engage with their ever-changing network, and how flexible hardware can still deliver top-notch performance.

Authors

Scott Harrell

Senior Vice President and General Manager

Enterprise Networking Business


Is there a way to know what endpoints are alive within your data center at this moment? Is it possible to continuously monitor the life of every endpoint – be it a Virtual Machine (VM), a physical host or even a container? Enter Endpoint Locator or EPL!

With DCNM available as a manager for data center fabrics, we decided to incorporate EPL directly into DCNM. EPL has been shipping as a preview feature in DCNM since November 2016. The feature is now generally available with the DCNM 10.2(1) May 2017 release.

Where is my Endpoint

For a VXLAN BGP EVPN based data center fabric, Endpoint Locator provides near real-time tracking of every endpoint. Events such as endpoint coming up, endpoint going down, or endpoint move are now visible with a few simple clicks. EPL supports all kinds of endpoints, be it IPv4, IPv6 or Dual-Stack. In fact, EPL can literally locate anything with a MAC or IP address.

To provide context to the detected endpoint itself, additional information is gathered and correlated, resulting in a multitude of data points at your fingertips. Find your endpoint’s physical location with reference to the associated switch and connected physical interface. Add in logical information such as VLAN, VRF or VNIs. The ease of access and visibility of such information within the data center is unprecedented for data center fabrics.

Once EPL is enabled via a simple wizard, it starts gathering information about existing endpoints and from then onward, all network events associated with the endpoint will be tracked.

Apart from a live endpoint dashboard, EPL also displays endpoint historical information for a time period specified in absolute or relative date ranges. The endpoints can be filtered by a variety of parameters including the VRF, network identifier, switch name, etc. Any search results are available for instant download.

In addition to the dashboard, EPL offers a set of Operational and Exploratory analytics views that are based on the collected endpoint data.

  • Network Historical View – Displays daily historical information about endpoints, networks, and VRFs in terms of currently active endpoints, endpoint additions & deletions.
  • Operational Heatmap – Displays holistic information on all the operations that have been occurring in the fabric on an hourly basis.
  • Endpoint Life – Displays a timeline of a particular endpoint throughout its entire existence within the fabric showing where the endpoint was located and where it has moved.

Stay tuned for more innovations like these which drive operational simplicity and visibility into data center fabrics using DCNM.

A special acknowledgement to Shyam Kapadia for being the primary development lead for EPL; our journey started with an innocent break room conversation about a customer problem with respect to workload visibility.

Authors

Lukas Krattiger

Cisco Fellow/VP, Data Center Networking

Technical Marketing Engineering


Whenever I contemplate a major purchase – whether a car or a laptop – third-party reviews and customer feedback have the most sway in my decision. When it’s a brand new product category, initial reviews and awards are critical in helping me reach a buying decision. And I know this holds true for many of you as you think about how to collaboration-enable meeting spaces.

We wrapped up a busy week at InfoComm 2017, one of the AV industry’s largest events. I’m happy to share that AV Technology Magazine awarded Cisco Spark Board with InfoComm Best of Show 2017. This follows our recent best-of-show award at Enterprise Connect.

To me, these awards are less about celebrating Cisco and more about giving you peace of mind as you explore the benefits of our products.

We developed Cisco Spark Board to meet the needs of the vast majority of conference rooms around the world that lack collaboration tools. And for the minority of rooms that have tools, Cisco Spark Board improves over the mess of wires, remote controls, projectors, analog whiteboards, phones, etc., that often make other conferencing technology too difficult to use.

As a three-in-one collaboration device, Cisco Spark Board provides wireless presentation, digital whiteboarding, and video/audio conferencing. Since it is wireless and fully touch-enabled, it’s also intuitive to use. You no longer have to figure out which dongle to plug in where or which remote goes with which device. We want the Cisco Spark Board to be the answer to the complexity of today’s meeting rooms.

This is why we believe AV Technology selected Cisco Spark Board as one of its InfoComm best of show winners. Judges remarked that it is a “Great conference room collaborative tool with easy controls… and easy wireless content sharing.”

Cisco Spark Room Kits
Not to be outdone, the new Cisco Spark Room Kits received Sound & Video Contractor Magazine’s Best of InfoComm award. I like to call the Cisco Spark Room Kits “video innovation in a box.” They integrate with any third-party screen to bring more intelligence and usability to all sizes of conference rooms. You can add advanced features such as speaker tracking, wireless sharing, and 4K content — previously the domain of high-end video conferencing rooms — to every room and for every team.

Into the Classroom
We saw a lot of enthusiasm for the Cisco Spark Board within the education community attending InfoComm. And Tech & Learning Magazine backed that up with its own InfoComm Best of Show award for Cisco Spark Board. Cisco Spark Board provides a physical portal into the virtual classroom, working hand-in-hand with the Cisco Spark app to connect physical and virtual classrooms. This allows teachers, students, and classmates to take part in continuous learning environments – before, during, and after class – remotely or in the classroom. Consolidating this functionality into a fully integrated software and hardware solution provides the capabilities in one easy-to-use interface.

https://www.youtube.com/watch?v=j7vbXRRAPyg&feature=youtu.be


Learn more about Cisco Spark Board in Education
Download the Cisco Spark app

Authors

Snorre Kjesbu

Senior Vice President/General Manager of Webex Devices

Meeting Room Systems


Executive Summary

This blog was authored by Paul Rascagneres and Warren Mercer with contributions from Emmanuel Tacheau, Vanja Svajcer and Martin Lee.

Talos continuously monitors malicious email campaigns. We identified one specific spear phishing campaign launched against targets within Palestine, and specifically against Palestinian law enforcement agencies. This campaign started in April 2017, using a spear phishing campaign to deliver the MICROPSIA payload in order to remotely control infected systems. Although this technique is not new, it remains an effective technique for attackers.

The malware itself was developed in Delphi; in this article, we describe the features and the network communication to the command and control server used by the attackers. The threat actor has chosen to reference TV show characters and include German language words within the attack. Most significantly, the attacker appears to have used genuine documents stolen from Palestinian sources as well as a controversial music video as part of the attack.


Authors

Talos Group

Talos Security Intelligence & Research Group


Executive Summary

The Foscam C1 is a webcam that is marketed for use in a variety of applications including home security monitoring. As an indoor webcam, it is designed to be set up inside of a building and features the ability to be accessed remotely via a web interface or from within a mobile application. Talos recently identified several vulnerabilities in the Foscam C1 camera that could be used by attackers for a variety of purposes including access and retrieval of sensitive information stored on the camera, execution of arbitrary commands within the camera’s operating system, and in several cases, complete compromise of the device. As these cameras are commonly deployed in sensitive locations and used as baby monitors, security cameras, etc., it is recommended that affected devices be updated as quickly as possible to ensure that they are no longer vulnerable.

In accordance with our responsible disclosure policy, Talos has worked with Foscam to resolve these issues, which has resulted in the release of a firmware update addressing them.


Authors

Talos Group

Talos Security Intelligence & Research Group


5G in the 3.5 GHz Band is Here

We have been talking about 5G for what seems forever, but it has only been a few years, and I am happy to say we are finally moving forward.

We have been procrastinating about 5G and our next generation networks because of our dream of its potential to be a greater step forward than any of the previous mobile wireless generations. It truly is an exciting time in the Mobile Network Operator and Services Provider industries as we begin to transition towards a 5G world. With the 3.5GHz Citizens Broadband Radio Service, 5G is now a reality.

What is 3.5GHz Citizens Broadband Radio Service?

As part of former President Obama’s national initiative to develop and promote the next generation of wireless networks (commonly referred to as “5G networks”), on April 17, 2015, the Federal Communication Committee (FCC) adopted a Report and Order and Second Further Notice of Proposed Rulemaking (3.5 GHz Order) that established a new Citizens Broadband Radio Service (CBRS) for shared wireless broadband use of the 3550-3700 MHz band (3.5 GHz CBRS Band). Essentially this is the first unlicensed wireless spectrum to become available in the US in the last decade, allowing growth of innovation in multiple fields.

“The 3.5 GHz band is an innovation band. As a result of technological innovations and new focus on spectrum sharing, we can combine it with adjacent spectrum to create a 150 megahertz contiguous band previously unavailable for commercial uses. It provides an opportunity to try new innovations in spectrum licensing and access schemes to meet the needs of a multiplicity of users, simultaneously. And, crucially, we can do all of this in a way that does not harm important federal missions.”

Tom Wheeler, FCC chairman

Why is CBRS so important?

Wireless connectivity has become increasingly important in our everyday life. It is widely used for work, play, and learning by everyone we know.
However, wireless communication today faces several challenges:

  1. Cost of broadband spectrum is extremely high
  2. Rural areas are underserved, preventing large portions of the US population from fully taking advantage of all services and innovations
  3. Emergency services are not available in many areas
  4. Rollout of 5G networks is hampered by inadequate spectrum

The new CBRS technology will create additional spectrum available for flexible wireless broadband use, leading to improved broadband access and performance for consumers. Additionally, I expect to see wide deployment of wireless broadband in industrial applications – advanced manufacturing, energy, healthcare, etc. – supporting innovation and growth throughout our economy.

Several examples of benefits are:

  • Better Internet Access to users in urban and rural areas:
  • Cellular coverage in previously unserviceable locations (basements, office buildings, etc):
  • Private LTE networks:
  • Industrial IoT innovation:

Cisco and CBRS

Cisco AP1572 5G CBRS ready
  • Last year Cisco joined the CBRS alliance – the main industry body ensuring interoperability and shaping the future of this technology
  • We partnered with SpiderCloud Wireless, leader in the 3.5GHz CBRS industry, to develop 3.5GHz bolt-on modules for Cisco’s outdoor AP1572
  • Showcased the module at MWC Barcelona in February 2017 to selected customers and partners
  • Participating, together with SpiderCloud Wireless, in a large outdoor CBRS trial for a large telecommunication provider
  • Will showcase the bolt-on module at the upcoming Cisco LIVE Vegas

So if you are attending Cisco LIVE US this year, be sure to stop by the World of Solutions – Enterprise Network & Mobility booth.


Authors

Jim O'Leary

Sr. Manager Mobile Solutions Marketing