Year: 2017

June 13, 2017 3 Comments
Avatar

Are IoT Technologies Making the Grade?

In the past few years, the Internet of Things (IoT) has swiftly moved from the era of pilot projects and proofs-of-concept to mainstream production. Companies are starting to run their businesses on IoT, not just experiment with it. While IoT is picking up steam, adoption is still limited by business structures, organizational culture, changing talent needs, integration with legacy systems, security, and fragmented standards. But what about the underlying IoT technologies? Are they keeping up with the accelerating demands of IoT?

Let’s look at some of the technology transitions IoT needs to grow:

  • Analytics and Artificial Intelligence (AI) are the “secret sauce” of IoT. We are moving swiftly from the traditional model of centralized batch analytics to the real-time processing of data in motion. AI and IoT are emerging as perfect partners. IoT is both the source of real-time data for AI applications, and the means of executing AI decisions. While many AI applications are still in the proof-of-concept stage, it is already a transformative part of many production IoT applications. In fact, AI technology is the backbone of predictive analytics and predictive maintenance, two of four well-proven “fast-paths to IoT payback” I have identified.
  • The Cloud-Fog Continuum is where data analytics does most of its work. In the traditional model, batch analytics took place in the cloud. Today, fog computing extends cloud capabilities to the edge of the network, where the data is generated. To save bandwidth and ensure real-time data processing, fog nodes can sort through mountains of data and send just exceptions back to the cloud for further analysis. In cases where latency is a problem, fog nodes can send real-time alerts—“drill bit is running hotter than normal”—so you can take immediate action. AI systems are moving in this direction as well. Once the logic is set, AI-systems can run in specialized fog notes using FPGA, or even ASICs. This will reduce costs and accelerate adoption of driverless vehicles and other real-time AI solutions.
  • IoT Security burst into public consciousness last year when a distributed denial of service (DDOS) attack shut down major websites around the globe. That was a wake-up call for the industry. Today, all major vendors are investing in IoT security on par with other security domains. Security companies and industry groups are accelerating work on standards, interoperability, certification, and security education. Businesses are rapidly moving from “security by obscurity” (my plant is not connected and thus secure) into comprehensive policy-based security architectures. These must be built into every part of IoT operations, focusing not only on before (how I can prevent hackers to enter my systems), but also during (how quickly I can identify I have been hacked and what data has been compromised), and after (how I can remediate the problem). Chief Security Officers now own these architectures for both IT and operations. In addition, the industry is actively developing solutions for new security use cases, such as vehicle-to-vehicle communication or new security paradigms for 24/7 operations.

IoT is also becoming the foundation for the growing adoption of other groundbreaking technologies such as blockchain and drones.

  • Blockchain allows a secure exchange of value between entities in distributed networks. Bitcoin is perhaps the most famous application of blockchain technology. However, enterprise-grade blockchain offers a wealth of applications that go far beyond any digital currency. For example, an energy company is looking at blockchain to manage the interactions between solar panels and the power grid. Automakers are considering the technology to authenticate the interactions among connected vehicles. Blockchain creates a tamper-proof record of transactions, so it’s ideal for tracing the source of goods throughout production and distribution. It can document food and drug safety, create smart contracts, and perform audits. Blockchain technologies (especially private, consensus protocol-based) are maturing quickly. We should see IoT production deployments later this year.
  • Drones have been over-hyped for their commercial possibilities, denigrated for their clandestine applications, and dismissed as high-tech playthings. But the Internet of Things makes drones business worthy, especially when combined with AI and fog computing. AI-powered autonomous drones can work longer and more efficiently than piloted drones. They can choose the most efficient flight path automatically, and can change it on the fly to avoid bad weather, trees, power lines, and other obstacles. Surveyors and map-making companies can use drones to document remote, rugged terrain. The scope of drone use is expanding rapidly from pipeline or cell tower inspection to warehouse inventory management.

The whole point of these technologies—and IoT itself—is to work together for business benefits. That’s why standards are so important. Without standards, there cannot be interoperability. And without interoperability, benefits will be hard to find. The industry has been evolving rapidly from a collection of overlapping standards, semi-standards, specialized and proprietary technologies into true interoperable standards. Such efforts have been focusing on three standardization thrusts:

  1. Interest groups in IEEE, IETF and other horizontal standards bodies are working to evolve existing horizontal standards to meet IoT requirements. Time Sensitive Networking in IEEE is a great example of evolving the Ethernet standard to meet manufacturing motion and safety requirements. This effort also meets in-car network requirements for level 3+ driverless vehicles.
  2. Vertical industry groups are migrating specialized or proprietary technologies to open standards. They are also standardizing foundational data fields essential for scalable data collection—for example, they are establishing a standard way to express “temperature” or “pressure” values. This effort is starting with controller-specific data and then moving to telemetry and diagnostics.
  3. Various consortia are developing frameworks and driving interoperability across their members’ implementations. One example is the OpenFog Consortium, which released the OpenFog Reference Architecture earlier this year.

Bottom line: I would give the state of the IoT technology a B-. On the plus side, technologies are maturing, solutions are becoming interoperable, and we see a lot of scalable production applications. On the down side, IoT security adoption by both businesses and vendors is lagging, as is migration to open standards. Both of these are slowing down and increasing the costs of implementations. Time to study up!

 

Authors

Avatar

Maciej Kranz

Vice President and General Manager

Corporate Strategic Innovation Group

Leave a Comment
Avatar

Embracing a New Culture for IoT

At the 7th International Internet of Things Expo in New York, I spoke on behalf of Cisco’s education services and the IoT Talent Consortium about the people side of organizations’ digital transformations. Here are my thoughts, summarized:

Digital disruption is happening all around us.

Most people think of the term “digital disruption” as a buzz word. But the truth is that it’s much more. According to the Global Center for Digital Business Transformation, 40% of market incumbents will be replaced in the next 10 years. This means that almost half of businesses today will be replaced in the next 10 years. It’s something we need to pay attention to now and get ahead of to survive in the digital era, Cisco included.

A new culture is necessary to embrace the IoT.

Within this new, IoT-infused environment, it will take not only technology change but also culture change to move businesses forward. Information technologies and operational technologies have converged to be on the same network. This means that we have to break down siloes, reskill traditional employees and think beyond simply “hiring-it-out” when approaching our own IoT implementations. We need a culture of continuous learning, collaboration and innovative talent acquisition in order to evolve with rapidly changing technologies and to push our businesses forward.

We must build trust, generate buy-in and encourage continuous learning.

In theory, it sounds easy to change a company’s culture. In reality, it’s more challenging. But I do believe that there are key elements from models for organizational change that can be used to aid in the process. Specifically, when talking about organizational change in Industrial IoT (IIOT) environments, a mixed model of strategies can be used. First, we must build trust with OT employees. Traditionally speaking, some employees in operational technologies have relied on human judgment in high risk scenarios as opposed to technology. In today’s environment, leaders must build trust with the OT in order to bring departments together. Once we have trust, we need to generate buy-in and engage employees by clearly communicating the business need for digital change. Finally, we must encourage continuous learning. Without continuous learning, our talent simply cannot stay up-to-date with the latest opportunities to generate business outcomes. By encouraging continuous learning, we encourage continuous growth of our organizations.

By building trust, generating buy-in and encouraging continuous learning, we as leaders create an environment in which culture change and digital transformation can actualize. To learn more about how Learning@Cisco is creating training to embrace a culture of continuous learning, visit our webpage. To learn more about how the IoT Talent Consortium is enabling organizations to accelerate the talent transformation in their IoT-enabled digital journey, click here.

Authors

Avatar

Sudarshan Krishnamurthi

Head of Business Strategy, Cisco's education services

Cisco Services

2 Comments
Avatar

Cloud and On-Premises: The Best of Two Worlds

Let’s be honest, when most IT people are questioned about cloud, immediately they would mention either Amazon (AWS) or Microsoft Azure; some may also mention Google Cloud Platform, IBM SoftLayer or even Rackspace. All of them are Public Cloud providers with their own expertise and offering as well as market share. According to a Forbes recent article, the more AWS and Azure compete to win customers, the greater the innovation and growth in Public Cloud adoption. The article has some interesting data points but, for the purpose of this blog, I’ll mention the following three:

  • Existing Public Cloud customers predict spending will grow 16% year over year in 2017
  • AWS dominates awareness levels with SMB’s who have existing Public Cloud deployments, with Microsoft Azure the most known and considered in enterprises
  • Microsoft Azure is the most-used public cloud and the most likely to be purchased or renewed

However, what’s in it for you as an IT on premise hero? I am sure that at least one of the following situations will resonate with you especially if you work in a mid-size organization either private or public:

  • Compliance and regulations from the government. If you are in a healthcare industry or, let’s say, retail; you don’t want to lose your customer’s data or, you may have some country issues with regards to data sovereignty.
  • Moving applications to private/public clouds and making sure that the user end-to-end experience remains great. From the user through the network and to the cloud

These two are situations where Hybrid IT takes place and your on premise world mixes with the Public Cloud.

Overall, 38% of all workloads are supported with on-premise infrastructure and platforms, increasing to 43% for enterprises.

This is an interesting statement especially when many people think about cloud, but mostly from the Public Cloud offering standpoint. Some people even believe that Public Cloud is all they need and that the infrastructure and network matter significantly less or perhaps not at all. This is not completely accurate, as you can see from the above graph. We are living in a Hybrid IT world.

According to an IDC report, Cloud adoption is growing, but relatively few organizations (only 3%) have advanced cloud strategies and it’s what we call the Cloud Gap. So, what’s causing this Cloud Gap? Growing complexity. That’s why It’s time to elevate the expectations of your cloud for a hybrid IT world. Where cloud helps you achieve your business objectives (with respect to agility, performance, risk, and cost) by meeting the new requirements hybrid IT operations, risk management, visibility and insights, and secure connectivity.

To help you close the Cloud gap and enjoy the benefits from both worlds; on premise and Public Cloud, Cisco and Microsoft has partner together to provide an integrated system for Microsoft Azure stack running in UCS servers providing you the following benefits:

  • The solution is specifically designed for rapid scalability and hybrid cloud workloads, with policy-based management, API-enabled automation, and hardware abstraction.
  • Hybrid clouds operate by moving virtual machines between private and public clouds. Cisco UCS was designed from the foundation to optimize the performance of virtualized workloads.
  • You gain hybrid cloud agility for Microsoft Azure services, with choices to manage on-premises governance, security, and performance in accordance with your organizational policies.

These are just a few benefits that address the above-mentioned situations of your day-to-day work. If you want to learn more about Cisco and Microsoft Azure stack, please go here. Remember, cloud is not a product but a consumption model. It’s not only Public Cloud either nor servers nor networking gear. It’s a holistic strategy that addresses the complexity of the new Hybrid IT world. Where you are on your cloud maturity level can be easily addressed by assessing your company under IDC best practices here.

If you want to learn more how Cisco can help you close the Cloud gap, go here.

Authors

Avatar

Sergio Licea

Marketing Manager

Cloud Solutions, Americas

June 12, 2017 2 Comments
Avatar

At the front of digitization

The disruption of businesses used to take decades, but, today, digitization is changing the business landscape at an unprecedented rate. While this is a global phenomenon, it is, in particular, showcased in Asia Pacific, where, on a recent trip, I was able to meet with customers who are on the cutting edge of these trends.

Asia Pacific’s leadership in this area was also highlighted by our latest Cisco Visual Networking Index forecasts, the most recent of which was just released last week.  As many of our readers know, the VNI forecasts look at global IP traffic trends and patterns and help us to analyze the dynamic factors that facilitate network growth as well as predict how the industry and our own individual use of networking will evolve.

By 2021, it forecasts the Asia Pacific will be the top IP traffic-generating region in the world, generating nearly 40% of the global total.  Of this, IP-based video will comprise 83% of it (a touch higher than the global average of 82%), and on the mobility front, Asia Pacific will account for a whopping 47 percent or nearly Half(!) of the globe’s mobile traffic.  That figure is likely to increase in future as mobile data traffic will grow 3 times faster than fixed IP traffic over the 5 year forecast period, in part, because 2021 also coincides with the rise of 5G hitting the mainstream. This next generation of mobile technology – or to put it more appropriately, this next generation of networking technology — will invariably take hold and enter the mainstream market first in Asia Pacific and help the average mobile network connection speeds to increase threefold, which in turn will enable an average smartphone to consume four times more bandwidth than today.

5G will accelerate the move towards digital as a transformative ecosystem that combines cloud infrastructure, virtualization, automation, intelligent edge services, distributed computing and more to derive insights from data that is generated by billions of devices.  5G’s ubiquitous connectivity, low latency and incredible bandwidth will also present businesses with an innovation platform to help drive new revenue opportunities leveraging that data and enabling whole new experiences.  However, the appeal of 5G is that it isn’t just a new technology for service providers to upgrade their network but also it is about what it can do for their customers on their path to digitization.

We will cover more on the impact on end customers in an upcoming post, but rest assured, in this age of disruption in the telecommunications industry, Asia Pacific will have many pioneering customers that not only are leading the way but also providing examples for the rest of the industry and the world to follow.  Disrupt or be disrupted.

Authors

Avatar

Doug Webster

Vice President

2 Comments
Avatar

Cisco’s IWAN (Intelligent WAN) for Your SD-WAN

Peter J. Welcher is a Cisco Champion, an elite group of technical experts who are passionate about IT and enjoy sharing their knowledge, expertise, and thoughts across the social web and with Cisco. The program has been running for over four years and has earned two industry awards as an industry best practice. Learn more about the program at http://cs.co/ciscochampion.

==========================================

The company I work for, NetCraftsmen, is seeing increasing levels of consulting customer interest in Cisco IWAN. That reflects either tech cool-ness or cost-savings — or both!

In a recent blog, I discussed some considerations for those intrigued by the idea of SD-WAN. For organizations with a Cisco WAN in place already, the risk and cost to try out IWAN may be low. We’ll get to that; first, let’s review what IWAN is, as a refresher for those who are not already familiar with IWAN.

About IWAN

IWAN is Cisco’s SD-WAN offering. It leverages the mature DMVPN technology, plus the rapidly maturing PfRv3 technology, to provide for hybrid WAN (MPLS + internet) or internet-based WAN.

The idea behind IWAN and competing SD-WAN offerings is that in many locations, internet SLA’s have improved vastly, and the internet costs are far lower than MPLS costs. Using application-aware technology such as PfRv3, sensitive traffic can be shifted off poorly behaving internet links. Putting all that together, there might be real cost savings if you use a couple of different ISPs and traffic shifts when one of them is having a bad day. Another alternative is to send most traffic over the internet path, VoIP, and sensitive traffic over MPLS, with failover to the other path if conditions turn bad.

The following diagram shows the basic IWAN setup.

 

basic IWAN setup

The heavy lines indicate DMVPN encrypted tunnels, one for the MPLS side, and another for the internet side. Each provides secure encrypted any-to-any connectivity between the branches and the hub. The PfRv3 shifts traffic between the two paths (up to five paths).

There are other Cisco functions that also fit under the IWAN banner. They include:

  • QoS (including DMVPN Per-Tunnel QoS for the hub sites)
  • WAAS functions to improve WAN performance
  • Application Visibility and Control (AVC), and NBAR2
  • Cisco Prime Infrastructure integration/monitoring/reporting

I did say “rapidly maturing” PfRv3. I recently had the chance to put in some extended lab time working with PfRv3, and almost all aspects worked as expected. This is worth noting, since PfR versions 1 and 2 had some rough spots. Since then, Cisco appears to have massively redesigned how PfR (v3) works, put in a lot of smart engineering, and done solid testing. There have also been some simplifications, which helps too. Admittedly, if you want different policies site-by-site, well, I haven’t figured out how to do that with PfRv3. But would you really want to have to manage that complexity?

The QoS is pretty much the same QoS we all have been doing. The CVD configurations align with Tim Szigeti’s/Cisco’s recent CiscoLive presentations at the last couple of U.S. CiscoLives, and the currently recommended approach to WAN QoS.

One reason I’m presenting these items as additional is based on my view of IWAN as layered. One can deploy it incrementally: put routers in the right places (if not already at WAN and internet edge), stand up DMVPN (routing between legacy WAN and DMVPN as needed), add PfRv3 application-awareness, then QoS, then other functions.

I see that as mitigating risk, or as letting sites incrementally deploy additional features based on their comfort level, staff time, etc. With a consultant helping, knowledge transfer might be a related gating factor.

Getting Started with IWAN

As noted in this blog, I discussed some considerations for those considering intrigued by the idea of SD-WAN. There are a couple of items that tilt the playing field in favor of Cisco IWAN for many organizations:

  • Low risk to piloting/implementing IWAN by leveraging installed equipment
  • Sunk equipment costs (i.e., you already have Cisco MPLS and/or internet routers in place)
  • SD-WAN vendors, being startups, don’t seem to currently want to talk to small potential customers

NetCraftsmen’s recent experiences have illustrated the power of these driving factors.

Admittedly, you have to still do some homework regarding suitability of the present routers:

  • If you’re planning on doing IWAN, you’ll need at least an ISR G2 for branch role, and an ISR 4K or ASR 1K for central or higher speed locations. The CSRv also supports IWAN, can act as hub Master Controller or branch router (e.g. cloud!).
  • You’ll also need the appropriate IOS code. Cisco documented the requirements here.
  • Check the model of router in place and its IPsec capacity. IWAN entails running DMVPN, which generally decreases throughput.
    • ISR 4K: See the Miercom report for details.
    • ASR 1K: The Miercom reports are dated. There’s some performance data starting on page 12 of this datasheet.

One place where sunk equipment costs might not come into play is where the customer has connected a MetroEthernet service directly to a firewall or Layer 3 switch. We do generally advise against doing that. Firewalls and switches do not support QoS traffic shaping to the contracted speed. When you’re operating at a speed less than the physical line rate, and if your WAN provider enforces the contracted speed, you’ll be taking random provider-induced packet drops during traffic bursts. That’s not the way to good VoIP/video quality on your MAN/WAN.

Having said that, budgets don’t always extend to buying a router plus a firewall for each site. So some sites may not be ideal candidates for IWAN, due to not having the prerequisite routers in place.

The cost for a couple of routers for a pilot project need not be all that high, however. So non-router WAN/internet-edge may not be a show-stopper. Your implementation plan will need to somehow “slide” the routers into the links (directly or indirectly), but there are several ways to do that — and a matching Cisco “brownfield” guide to help! I’ll admit, I have my own thoughts on the subject, which differ a bit from that document.

Tools

This blog is getting a bit long, so I’ll just mention some of the tools that you might use, especially if you don’t have a CCIE to spare for manual IWAN deployment.

Alternatively, many Cisco Partners should be able to support IWAN by now. NetCraftsmen would be glad to talk to you about that.

My personal inclination for deployment in brownfield is to do it manually, for better control, router by router. Your preferences may vary.

Viptela

We’ll have to see how the Viptela acquisition plays out, and how Cisco positions it. Will it be arms’ length, like Meraki and recent acquisitions, or will the Viptela GUI be adapted to also driver routers? Or some other mix? Time will tell.

One big question I’ll have, once I can see the documentation, is how to insert Viptela in brownfield, since there’s so much of it. And how smoothly that can be done. Right now, manual IWAN deployment (templates, not that bad) gives me the control I want.

Links

When in doubt, check out the Cisco Validated Design (CVD) document. There are two fresh PDFs, as of October 2016:

For more resources, check out the CiscoLive OnDemand library, and search on “IWAN.” Comments are welcome, both in agreement or constructive disagreement about the above. I enjoy hearing from readers and carrying on deeper discussion via comments. Thanks in advance!

Authors

Avatar

Peter J Welcher

Networking Consultant

NetCraftsmen

Leave a Comment
Avatar

Get Up to Speed on Security at Cisco Live US 2017

Your guide to all things cybersecurity at Cisco Live

Each year, thousands of people come to Cisco Live to learn and connect around the latest technologies. From visionary keynotes to cutting-edge technical training sessions, there are nearly endless opportunities. Navigating the conference can be intimidating, which is why we’ve selected some of the top opportunities to learn about the latest in security.

Keynotes & Innovation Talks

Hear from Cisco leadership and luminaries from the worlds of technology, business, and entertainment. Many of these sessions are also available to non-attendees through the Cisco Live broadcast site.

Opening Keynote with Chuck Robbins

Monday, Jun 26, 10:30 a.m. – 11:30 a.m.

Hear from Cisco CEO Chuck Robbins about new innovations in networking, security and business transformation.

Schedule session

Livestream: Broadcast | Calendar reminder

The Security Voyage to 2020

Tuesday, Jun 27, 3:00 p.m. – 3:30 p.m.

Where is Security going? What role does automation play? How does the cloud fit? Come find out what we’re doing to make next generation security a reality and how it will change everything.

Schedule session

Livestream: Broadcast | Calendar reminder

Security Keynote with Cisco’s John Stewart and Theresa Payton, Former White House CIO

Wednesday, Jun 28, 10:30 a.m. – 11:30 a.m.

In the digital era, business thrives on the free and open exchange of information and insight – and ensuring the security of data and communications is now a mission-critical priority that dictates broader strategy and investment decisions. This session will examine the current state of network security and the emerging solutions that will give businesses freedom and flexibility while protecting the integrity of the network and information assets.

Schedule session

Livestream: Broadcast | Calendar reminder

Hidden Figures: Securing What You Cannot See

Wednesday, Jun 28, 4:00 p.m. – 4:30 p.m.

How do you understand network traffic even when it’s encrypted and why would you care? Cisco’s Network as a Sensor (NaaS) solution enables customers to use Cisco Security integrated with network technologies to achieve increased visibility into users, devices and emerging threats.

Schedule session

Livestream: Broadcast | Calendar reminder

Technical and Business Sessions

Have an interest in a specific security topic? We’ve got you covered with well over 100 security-related sessions this year. Here are a few of the highlights:

Considerations for Securing the IoT

Monday, Jun 26, 12:30 p.m. – 1:30 p.m.

Billions of devices are coming online – but they are often not well-protected by today’s security stack. We’ll take a look at how we must call on an architectural approach to gain visibility and control of connected devices for defense capabilities specifically designed mitigate risks from threats directed at IoT.

Schedule session

Talos Insights: The State of Cyber Security

Thursday, Jun 29, 1:00 p.m. – 2:30 p.m.

Cisco’s Talos team specializes in early-warning intelligence and threat analysis necessary for maintaining a secure network. People responsible for defending networks realize that the security threat landscape is constantly in flux as attackers evolve their skills. Talos advances the overall efficacy of all Cisco security platforms by aggregating data, cooperating with teams of security experts, and applying the cutting-edge big data technology to security. In this talk we will perform deep analysis of recent threats and see how Talos leverages large datasets to deliver product improvements and mitigation strategies.

Schedule session

How to secure your digital network with Cisco Enterprise Network Security

Monday, Jun 26, 5:00 p.m. – 6:00 p.m.

Digital transformation is demanding change at an unprecedented pace, putting extraordinary pressure on the network and increasing the need for advanced security. In this session, we will provide an overview of the Cisco Enterprise Network Security portfolio

Schedule session

Deploying AMP for Endpoints to the Enterprise

Sunday, June 25, 8:00 am – 12:00 pm

Session participants will learn about the AMP dashboard and navigation, how to configure outbreak control, endpoint policies, and managing computers and groups for deployment. Finally, the session will demonstrate event monitoring and analysis, device and file trajectory and reporting options.

Schedule session

Incident Response

Monday, Jun 26, 4:15 p.m. – 4:45 p.m.

When an organization is breached, incident response becomes the first action needed to figure out what happened and how the adversary succeeded. In this session, you’ll learn the differences between an incident response retainer service vs emergency incident response engagement, and all the aspects that are part of providing incident response, and what you can expect from a professional services partner.

Schedule session

Next Generation Security Services

Tuesday, Jun 27, 8:00 a.m. – 9:00 a.m.

With the market rapidly evolving toward digitization, Cisco is capturing extraordinary insights into the next generation of security. Even though security is the foundation for innovation and growth in the new digital environment, organizations are struggling to anticipate and respond to new threats due to complex and fragmented networks, and lack the ability to adapt with agility to changing business models. As the #1 cybersecurity company, Cisco Services is a digital partner by your side, and we position you to anticipate change and move forward quickly. In this session, we will cover the trends as seen, end-to-end, by Cisco security experts, examine real examples of the current threat landscape, and the impact to security operations.

Schedule session

Detect threats in encrypted traffic without decryption, using network based security analytics

Tuesday, Jun 27, 8:00 a.m. – 9:30 a.m.

Cisco’s network architecture provides a perfect platform for security focused network telemetry and analytics that can detect an in-progress attack (even when encrypted) and rapidly trigger policy driven remediation to mitigate the attack. This talk will describe network security solutions including innovations at the ASIC level that enable the software and security analytics.

Schedule session

Deciphering Malware’s Use of TLS (without Decryption)

Thursday, Jun 29, 10:30 a.m. – 12:00 p.m.

The use of encryption by malware poses new challenges to network threat detection because traditional pattern-matching techniques can no longer be applied to its messages. We address this problem in two parts and present a set of academic results on tens-of-millions of real-world, TLS encrypted flows demonstrating the efficacy of our approach.

Schedule session

Understanding Encrypted Traffic Using “Joy” for Monitoring and Forensics

Tuesday 6/27 11:00am-11:45am | Wednesday 6/28 12:00PM-12:45PM

The “Joy” open source package can track network flows and report on data features beyond those in Netflow, such as the distribution of bytes, the entropy, and the sequence of packet lengths and arrival times, as well as detailed information from TLS headers. With this data, we can better detect and understand encrypted traffic.

Schedule session

Privacy Scoping workshop

Monday, Jun 26, 2:00 p.m. – 2:45 p.m. | Tuesday, Jun 27, 2:00 p.m. – 2:45 p.m.

With the on-going focus on personal data via compliance, company policy, and end user expectations, this interactive session explores privacy engineering and demonstrate how to scope privacy and data protection requirements for any product, process, application, or system.

Schedule session

Targeted Threat (APT) Defense for Applications Featuring pxGrid

Monday, Jun 26, 1:00 p.m. – 1:45 p.m.

Targeted Attacks, which the media refers to as APTs, are threats that must be addressed by any organization requiring networked computers to do business. In this session we will go over the run book techniques used by these threat actors and then go over concepts and techniques that developers of network applications need to be aware of to mitigate those style of attacks.

Schedule session

Protecting the Device – Cisco Trustworthy Systems & Embedded Security

Monday, Jun 26, 8:00 a.m. – 9:30 a.m. | Thursday, Jun 29, 1:00 p.m. – 2:30 p.m.

With the increase in the sophistication in cyber-attacks, there is a growing threat of malware and tampering with the network infrastructure. Companies are increasingly concerned with the integrity and security of their equipment. This session provides an overview of the defenses that Cisco builds into the IOS operating system and hardware to protect the device. Attendees will learn how Cisco provides anti-counterfeiting measures, and how platform integrity can impact your security architecture.

Schedule session

Security Village in the World of Solutions

Located within the greater Cisco campus, the Security Village (map) will feature a Learning Lab, demo stations, a Customer Connection Program (CCP) presence, and more.

Deep Dive Into Demos

Check out the list below and stop by for a chat with one of our experts.

  • Next-Gen Firewall, IPS, and Management: With the Cisco Firepower®Management Center, you can centrally manage Cisco Firepower NGFW and NGIPS deployments. The Cisco Firepower Device Manager gives you local web-based management for Cisco Firepower NGFW appliances. The Cisco® Defense Orchestrator, a cloud-based policy management product, enforces high-level policy attributes on multiple Cisco security products.
  • Advanced Threat Protection: Cisco AMP for Networks, AMP for Endpoints, and Threat Grid technologies work together to stop advanced malware and ransomware threats.
  • Cloud Security: Cisco Cloud Security solutions include Umbrella, Cloud Web Security, and the recently acquired Cloudlock. All these technologies are cloud-based, easy-to-deploy solutions that protect your web traffic and applications.
  • Stealthwatch: Cisco Stealthwatch goes beyond conventional threat detection. With it you can harness the power of NetFlow for advanced network visibility, analytics, and protection.
  • Talos Threat Intelligence: Talos is Cisco’s industry-leading threat intelligence team. It helps protect people, data, and infrastructures from active adversaries.
  • Email and Web Security: The Cisco Email Security Appliance (ESA) and Web Security Appliance (WSA) are deployed on customer networks. They monitor, inspect, and apply policies to the two most prevalent threat vectors.
  • Secure Access: The Cisco Identity Services Engine (ISE) is the market-leading security policy management platform. With far-reaching, intelligent sensor and profiling capabilities, it delivers superior visibility into who and what are accessing your network. It’s a key component of the Cisco Software-Defined Access architecture for policy enforcement.
  • Network Segmentation: Cisco TrustSec®technology uses software-defined segmentation to simplify the provisioning of network access. With it, you can accelerate security operations and consistently enforce policy anywhere in the network. Learn how to apply group-based policies and share policy groups between the Cisco TrustSec and Cisco Application Centric Infrastructure (ACI) domains.
  • Meraki: Cisco Meraki’s cloud-managed security solutions combine Cisco’s best-in-class security technologies with the simple, intuitive Meraki dashboard. Learn how cloud management can make configuring and maintaining robust security for smaller networks.
  • Security Services: In this demonstration, we’ll show you how you can engage expert investigators along with continuous monitoring, advanced analytics, and leading threat intelligence to rapidly detect advanced threats. We’ll also show you a simulation tool that helps you build the skills of your own security staff to combat modern threats.
  • Data Center and Hybrid Cloud Security: This demonstration showcases Cisco’s advanced security protection for ACI data centers. We combine our virtualized Adaptive Security Appliance (ASA), Cisco Firepower NGIPS, and Next-Generation Firewall with Cisco’s Application Centric Infrastructure (ACI). The result: new levels of agility and protection for next-generation virtualized data centers.
  • Service Provider Security Solutions: This demonstration is all about service providers. Come by to learn how SPs can protect their own infrastructure and offer security services to their customers.
  • Security Integration: Products that work in isolation create complexity and limit their own effectiveness. Cisco products work together seamlessly. They share events, policy, threat, and contextual information, creating a unified security architecture. You gain greater visibility into an entire attack, along with an automated response.

Security Village Sessions

While in the Security Village, check out these quick 15-minute presentations. We’ll be covering 31 different topics, from incident response to access control and more.

Visit the Cisco TacOps “NERV” vehicle and team

See the Cisco TacOps team and their Network Emergency Relief Vehicle in action in the World of Solutions, Booth #829.

Walk-in Self-Paced Labs

Cisco Live’s Walk-in Self-Paced (WISP) Labs give you one-of-a-kind hands-on experience on a variety of products and solutions from Cisco. You’ll have the chance to work through pre-designed scenarios that show you firsthand how these technologies can transform your business. You’ll also have the opportunity to explore full configurations and new features, so you can make informed recommendations on which solutions are right for your workplace. All WISP labs are available on a first come, first served basis. Just stop by the WISP area in the World of Solutions.

Always-On security with Anyconnect, AMP and OpenDNS
Mobile users as they work on-network and off-network, while maintaining enterprise approved security policies on corporate endpoints

Cisco Umbrella(OpenDNS)
This session will deliver to its participants the concept of Cisco Umbrella(Open DNS) which is a cloud-delivered security service for Cisco’s next-generation firewall.

Cisco Security Product Roadmap Sessions with the Customer Connection Program

Want to learn about future innovations in our security portfolio? Join the Cisco Customer Connection (CCP) and attend exclusive roadmap sessions at Cisco Live US. The three roadmap sessions will cover: network security, cloud security and endpoint security. Learn more and register here. Note: These sessions are available exclusively to members of the CCP attending this year’s Cisco Live in Las Vegas.

See you in Las Vegas!

Let us know if you have any questions by leaving a comment below.

For more information about the security track at Cisco Live US 2017, visit our landing page. We’ll see you in Las Vegas!

 

Authors

Avatar

Brian Remmel

Marketing Manager, Security

9 Comments
Avatar

DevNet Uncensored @Cisco Live! What happens in Vegas Goes on #CiscoChat

DevNet Zone Cisco Live US 2017 is right around the corner and there is SO much we have planned for the DevNet community, and not just those able to make it in person to Vegas.  Nope… One of the things I’m most proud of about working at Cisco and in DevNet, is the large, global community we have, and how we are able to stay connected with everyone, even during the big events like Cisco Live.  And this year is no different.

#DevNet is teaming up with #CiscoSE
for #CiscoChat at #CLUS
(so many hashtags, so little time)

#DevNet will be hosting two (yes, TWO!) #CiscoChats during Cisco Live, where we’ll use the “video everywhere” capabilities of Facebook Live to transport our entire community into the DevNet Zone so you can see and hear what is going on.

#DevNetExpress #DevNet

The first #CiscoChat will take place on Saturday June 24th at 4 PM Pacific, where we’ll be checking in with the two pre-#CLUS #DevNetExpress events that are taking place the weekend before the main conference starts.  If you’re not familiar with DevNet Express, it’s a partnership program between #DevNet and #CiscoSE, where we box up and bring the DevNet Zone experience of Listen-Learn-Do into your own backyard for one, two or three days of hands-on exploration of Cisco technology.

Be sure to keep your eyes open for when these events will be coming to your neighborhood at http://devnetevents.cisco.com, and by following #DevNetExpress on Twitter!

#DevNet #CiscoChat

Silvia Spiva, DevNet’s Community Manager, and one of our Social Media whisperers, will be stopping the Cloud Collaboration and Data Center Infrastructure events to chat with the presenters and participants about what programmability means to them.  Find out how your peers are leveraging APIs to make their day to day lives easier and get ideas for your own toolbox.  Maybe even get a sneak peek at the amazing hands on content being unveiled at the very first Data Center Infrastructure event, or a teaser about what is possible for IT Pros with Cloud Collaboration.  Who knows what to expect when the Live feed starts up from Vegas?!  #DevNetUncensored!

#DevNet

And during the DevNet Happy Hour on Wednesday evening, June 28th at 5pm PT, we will ask the question, “What does Network Programmability mean to you?”  Silvia will once again go LIVE on Facebook with #CiscoChat to share some of the most “inspired” answers with everyone far and wide.  Computer networking is evolving, and the criticality of programmable interfaces, open ecosystems, and flexible platforms is on the forefront of everyone’s mind I talk to these days.  I’m very much looking forward to checking in with everyone all week to discover the unique and powerful ways you are putting the latest features to work.

And just one more thing before I finish up this post.  I’ve been busting at the seams to share one of the new additions to DevNet Zone this year, and I think the time is about right.

Do you have what it takes to take on the “DevNet Escape Room”?

Captain Cloud has been kidnapped by “The Shadow” and is being held captive in his secret lab.  Code Crusader is counting on you to help him break the Captain out, but to be successful you’ll need to bring your “A-PI” game and code your way through three challenges in Network Programmability, Collaboration and IOT!

But the clock is ticking and the pressure is on.  You only have 15 minutes from the door closing to get out the other side before being discovered and “Locked In” along with the Captain.  Prizes will be awarded for the best time each day, and a grand prize for the best time during the event.

For more information on the DevNet Escape Room, including how to prepare yourself for the challenge, check out Tom Davies’ blog on the DevNet Communities.

I’m stoked… are you?  Can’t wait to see everyone in Vegas or online!  

~Hank

 

Authors

Avatar

Hank Preston

Distinguished Architect

Learn with Cisco

16 Comments
Avatar

Cisco RV340 and RV345 Dual WAN VPN Routers

Hello all,

I thought it would be a good time to provide a quick update on our Cisco RV Series. As amazing as Rafael Nadal is as he took his 10th French Open yesterday at Roland Garros, our new RV340 Series models continue to amaze as they make their way to your local Cisco Partners!

Well the two thoughts may not be that close in scale, but we certainly do continue to hear how well people are liking their new RV340 and RV345 models. The new models possess the performance, reliability and ease-of-use that most products of their kind can not tout. It is this combination of features, security, performance, value, warranty and support that demands attention from our partners and customer alike.

All models offer Dual WAN ports for load balancing and failover, plus USB LTE modem connectivity for additional failover or pure LTE connectivity. There is support for the Cisco AnyConnect Security Mobility Client, which is ideal for remote access for mobile devices. Read up on each model on the above web links.

Now the fun part, the Cisco RV345P and the Cisco RV340W are about to hit the market. The PoE model and our wireless model will hit the channel in a couple of weeks. Also, we do have a new Wireless Access Point making it’s way to the market, it is called the WAP125 – but much more on all three of the new models coming soon, very very soon!

Remember to take a look at Cisco FindIT.

That was a quick update, but rest assured, we have been quite busy getting things done!

Have a great week!

The Small Business Team

Authors

Avatar

Marc Nagao

Product Manager

Small Business RV Series Routers

Leave a Comment
Avatar

Join Cisco Collaboration at InfoComm 2017

Are you headed to Orlando for InfoComm 2017? We’re packing up our favorite collaboration demos and heading to the Orange County Convention Center to share how you can use our tech to simplify the way your teams work.

Working together should be simple. The technology you use to collaborate should be simple, too. You’re most effective when you can focus on tasks, not tools. Join us to see how Cisco collaboration solutions simplify teamwork and face-to-face interactions, from the browser to the boardroom. Learn how you can deliver user experiences with consistent, compelling technology.

Complimentary InfoComm Expo Pass
If you’re going to be in Orlando, but haven’t registered for InfoComm, register here for a free expo pass with invitation code CIS460.

Visit Us in Cisco Booth 2129
If you’ve ever wanted to test out a Cisco Spark Board, here’s your chance. Visit our booth to discover how Cisco Collaboration solutions give you the space to exchange ideas, unite, and get things done – giving your business a competitive advantage. Take advantage of theater presentations in our booth from Cisco experts and our partners.

Experience our latest collaboration innovations and learn to connect to more people, places, and processes – using technology that’s intuitive. Discover how much more intelligent your meetings can be with video that goes beyond on-screen slides and talking heads.

And what would a trade-show booth be without prizes? We have those, too. Headphones, speakers, and the highly coveted Cisco Spark socks — oh my! Visit the booth, watch demos, and attend speaker sessions in our theater. Rules, requirements, and details at the booth.

For a preview of some of our demos, check out the rAVe Publications video series that did at the recent ISE 2017 show in Europe.

Visit Our Partners
Borderless Learning, EOS IT Management Solutions, Scansource KBZ, and Vyopta will be joining us in the Cisco booth to share their offerings and how they integrate with our products.

rAVe Readers’ Choice Awards
rave readers choice awardOnce again, Cisco was a winner in this award from the AV community. Thank you for naming us your “Favorite Conferencing / Collaboration Manufacturer.” This award is particularly meaningful because the nominations for come solely from the AV community, while many awards programs require us to pay entry fees. More than 86,000 people from 47 different countries participated in this year’s voting.

Check Out the IMCCA UCC Program Sessions
As an official sponsor of the IMCCA UCC program, Cisco representatives are participating in panels on a wide variety of topics ranging from cloud to mobility. Use the InfoComm event scheduler to add sessions to your schedule or get more information. (All Times Eastern)

Tuesday, June 13
11:30 – 12:30 p.m. Emerging Technology Day Panel Topics being addressed during the day include: audio technology, display technology, digital signage, control systems, video conferencing, huddle rooms, collaboration, the cloud, monitoring and/or managed services. Cisco Customer Panelist: Benjamin Boese, Director of IT Steadman Clinic

Wednesday, June 14
9:30 – 10:30 a.m. Anywhere, Anytime, Any Device: How Mobility and Consumerization Has Forever Changed Communications With the explosion of browser and mobile video, and the emergence of WebRTC, collaboration is now something that you do wherever you are. How do organizations handle the huge growth in the use of personal devices and manage them effectively? Cisco Panelist: Sean Lessman, CTO of Worldwide Video Sales

Noon – 1:30 p.m. State of the Industry Lunch and Learn Industry experts and senior executives address the latest issues related to conferencing, collaboration, and unified communications.  What disruptions are just over the horizon? Cisco Panelist: Jedd Williams, Managing Director, WW Collaboration Sales & GTM

1:00 – 2:00 p.m. UC As a Service: Has the Cloud Changed Our Sweet Spot? This panel will address pros and cons of the various Collaboration-as-a-Service options and explain what you need to know to use them effectively. Cisco Panelist: Ruth Nelson, Business Development Manager

Thursday, June 15
10:00 – 11:00 a.m. Touch and Collaborate: Interactive Displays Poised to Be Our Industry’s Latest Craze New products are driving exponential growth in the interactive display market. Cisco Panelist: Ruth Nelson, Business Development Manager

Noon–1:00 p.m. Unified Communications & Collaboration: The Roadmap UC has become the default term for next-generation, IP-enabled enterprise communications. Organizations can no longer consider video, telephony, instant messaging or collaboration products in silos. Jedd Williams, Managing Director, WW Collaboration Sales & GTM

Noon–1:30 p.m. End-Users Speak Their Mind: The State of Unified Communication and Collaboration Hear from end users and industry experts on their personal day-to-day experiences with UCC. Explore real-world examples of achievable successes and avoidable pitfalls. Cisco Customer panelist: Benjamin Boese, Steadman Clinic, Director of IT

Learn more about Cisco at InfoComm 2017.

infocomm theater sessionsCheck out the presentations in our booth theater, all times local. Topics and schedule subject to change.

Wednesday, June 14

10:00a   Work Your Way
10:30a   What’s New in AV?
11:00a   Partner Session: Borderless Learning — What You Need to Know When Deploying Cisco Spark
11:30a   Workplace of the Future: Powered by AI & Bots
12:00n  Work Your Way
12:30p   Partner Session: Vyopta — Getting the mOst out of Enterprise Collaboration
1:00p   Workplace Transformation: Creating the Next-Generation Collaboration Space
1:30p   Meetings of the Future Are Here Today
2:00p   Partner Session: ScanSource KBZ — Light Up Your Spark Practice
2:30p   Cisco Collaboration Architecture: Strategy & Vision
4:00p   Partner Session: EOS — Bridging Global Workplace Communications Solutions

Thursday, June 15

10:00a   Work Your Way
10:30a   Partner Session: EOS — Bridging Global Workplace Communications Solutions
11:00a   Partner Session: Borderless Learning — What You Need to Know When Deploying Cisco Meeting Server
11:30a   Workplace of the Future: Powered by AI & Bots
12:00n   What’s New in AV
12:30p   Meetings of the Future Are Here Today
2:00p   Workplace Transformation: Creating the Next-Generation Collaboration Space
2:30p   Cisco Collaboration Architecture:  Strategy & Vision
3:00p   Partner Session: ScanSource KBZ — Light Up Your Cisco Spark Practice
3:30p   What’s New in AV
4:00p   Partner Session: Vyopta — Getting the Most Out of Enterprise Collaboration

Friday, June 16

10:00a   Partner Session: ScanSource KBZ — Light Up Your Cisco Spark Practice
10:30a   Workplace Transformation: Creating the Next-Generation Collaboration Space
11:00a   Partner Session: Borderless Learning — What You Need to Know When Deploying Cisco Spark
11:30a   What’s New in AV
12:00n   Workplace of the Future: Powered by AI & Bots
12:30p   Partner Session: EOS — Bridging Global Workplace Communication Solutions
1:00p   Work Your Way
1:30p   Cisco Collaboration Architecture:  Strategy & Vision
2:00p   Partner Session: Vyopta — Enhancing Global UC Environments
2:30p   What’s New in AV
3:00p   Work Your Way

 

Authors

Avatar

Kim Austin

No Longer with Cisco