Year: 2017

November 30, 2017 Leave a Comment
Avatar

CMS Brute Force Attacks Are Still a Threat

Brute force attacks have existed long before the Internet. As a cryptanalytic attack, it started being used as an attempt to access encrypted data when there were no other options available. With the rise of the Internet, this type of attack was quickly adopted. In a nutshell, a brute force attack consists of systematically trying different credentials until the correct combination is found. It’s like trying to open a combination lock by going through all possible combinations: eventually, it will pop open.

The main disadvantage of brute force attacks is that they usually take a long time. Also, attempting every user name and password combination against a certain system is now easy to detect. A variant of this method, known as dictionary attack, is able to increase the speed considerably. Instead of systematically trying every possible user name and password combination, dictionary attacks only try those combinations that are more likely to succeed. This type of attack usually relies on known lists of commonly used user names and passwords.

Cybercriminals are constantly looking for cheap, disposable infrastructure to host malware, transient command-and-control servers, or temporary resources for their activities. Distributed brute force attacks are one of their cheapest options: the attack is simple and still works. In this blog post, we explain how content management systems (CMS) are widely targeted, how malware uses brute force attacks against them, and how it’s possible to detect them using behavioral analytics.

WordPress is the most popular target

Brute force attacks are common against web services. Any website is a potential target. However, criminal actors usually choose the most popular to increase their chances of success. WordPress is one of their favorite targets. WordPress is a CMS used to create websites. It’s easy to set up, is built on open source, and provides a simple way of managing the content and look of the website. This platform is so popular that out of one million top websites on the Internet, over 75% are created using WordPress. Being such a strong market leader makes WordPress an attractive target for attackers. One popular type of attack is password brute force.

Figure 1: WordPress shares over 76% of the market. More than 18M websites on the Internet use WordPress.

The goal of this attack is to obtain valid credentials for the WordPress site and use them to access the admin panel. Access to the admin panel means that the attacker gains complete control over the website. Compromised WordPress sites can be used for different purposes: deface, steal credentials, host malicious files, inject malicious code to the pages, or make the website part of a specific malware infrastructure. For example, the Angler Exploit Kit, which was the biggest exploit kit on the market last year, used compromised WordPress websites to infect visitors with malware. We described the case of a hijacked WordPress website being a part of an Angler infrastructure in a previous blog.

Nowadays, malicious actors use their botnets to perform distributed brute force attacks against the CMS. In this scenario, every infected computer forms part of the attack. There are two types of brute force attacks that can take place. We refer to them as vertical and horizontal brute force attacks.

In the vertical brute force attack, every bot attempts a full dictionary attack against a single website. This type of brute forcing can be easily detected and blocked using a simple counter for user login attempts. This attack is illustrated in Figures 2.1 and 2.2.

Figure 2.1 –  In a standard brute force attack, an infected user systematically tries different user name and password combinations. Simple methods can easily detect this attack by counting the number of attempts and block users after a certain number of attempts is reached.

Figure 2.2 – In a distributed and vertical brute force attack, each infected user targets a specific website and systematically tries every credential provided by the bot master. The detection of this attack is the same as explained in Figure 2.1.

In the horizontal brute force attack, the bot master handles the dictionary used for the attack. Each bot receives a small subset of it, attempting a few user name and password combinations against a single website. From the victim perspective, it receives a few attempts by different hosts. No single bot exceeds the maximum number of login attempts, so triggers no alarm. This type of brute force attack is harder to detect and mitigate. This attack is illustrated in Figures 3.1 and 3.2.

Figure 3.1 – In a horizontal brute force attack, an infected host attempts a single user name and password combination per WordPress website. This makes detection much harder as simple counters do not trigger an alarm in this scenario.

Figure 3.2 – In a distributed and horizontal brute force attack, every infected host tries a different user name and password combination. All the individual bots, coordinated by the bot master, cover the full dictionary attack together.

Brute force attacks that originate from a company network can have negative repercussions; they could damage reputation of the company network or cause the company to be blacklisted due to the malicious activity. An endpoint infected with this type of malware is likely to also be infected by other more severe threats. This type of infection should be quickly contained and mitigated.

Brute Force Attacks Still Work

While WordPress is the most targeted platform, it’s not the only one. Joomla, Blogger, and Drupal are other CMS platforms that have also been targeted by malicious actors in the past. Attackers continue to rely on these methods, and the reason is simple: brute force attacks still work.

Figure 4: Summary of Web Content Management Systems (WCMS) by popularity

The past decade has seen quite a number of different botnets performing different types of brute force attacks. The two more prominent botnets are Mayhem and Sathurbot. Mayhem was first reported in 2014 by researchers working under the handle of MalwareMustDie. Sathurbot, a modular botnet, first appeared in 2013 and there have been several versions since then. Both threats are still active today, years after they first appeared.

Brute Force Detection Using Behavioral Analytics

Cisco Cognitive Threat Analytics is able to detect both types of WordPress distributed brute force attacks. As explained in our previous blog, Cognitive Threat Analytics works with HTTP/S proxy logs. To detect these types of attacks, we create a model for each user which reflects his activities on different websites. The behavioral patterns of a normal user are different from a user infected with malware. Most importantly, an ordinary user makes only a limited number of login requests to WordPress sites, if any. When a user gets infected with a malware such as Mayhem or Sathurbot, the infected computer automatically generates a huge number of WordPress login requests as part of the ongoing brute force attack. Our models reflect that. Cognitive Threat Analytics is also able to detect horizontal brute force attacks by modeling user behavior across different websites.

Figure 5 shows a real user performing a brute force attack as observed by Cognitive Threat Analytics. You can see that the attack lasted for two hours, making 9,028 WordPress login requests. You can also see that the malware performs on average three login attempts per website before moving on to the next website. This is a clear example of a distributed and horizontal brute force attack.

Figure 5: Horizontal brute force attack by an infected user as observed by Cognitive Threat Analytics.

Conclusion

Brute force attacks are a simple type of attack on different systems and web sites. They’ve existed for a long time and are still effective and widely used today. The attack is easy to implement and many tools are available to brute force attack different systems and services. Popular targets for attackers include WordPress and other CMS websites. WordPress is the most popular target due to the high number of websites on the Internet using this platform. Cisco Cognitive Threat Analytics is able to detect distributed WordPress brute force attacks by creating a user behavioral model from HTTP/S proxy logs.

An overview of the CMS brute forcing landscape was presented by Cognitive Threat Analytics researchers at the 9th edition of the BruCon Security Conference. The talk includes a historical overview of different malware families performing brute force attacks and an in-depth analysis on the Sathurbot botnet. A video of the talk is available below.

Authors

Avatar

Anna Shirokova

Security Researcher

Cognitive Threat Analytics

2 Comments
Avatar

Keeping Up with the Video Streaming Binge-Watchers

Video streaming services are hugely popular, with more and more people determined to stay up to date with the latest series.

But for service providers, the challenge is to keep up in a different sense. Because over-the-top (OTT) video streaming services like Netflix and YouTube account for an increasingly large proportion of traffic on today’s networks.

According to Cisco’s latest Visual Networking Index forecast,  82% of all consumer internet traffic will be IP video by 2021 – up from 73% in 2016.

And OTT traffic will be a large part of this. Our researchers found that, also by 2021, 71 per cent of all internet traffic will cross content delivery networks (CDNs), which are often used for distributing OTT content. That’s up from 52 per cent in 2016.

The report said:With the emergence of popular video-streaming services that deliver Internet video to the TV and other device endpoints, CDNs have prevailed as a dominant method to deliver such content.”

The growing importance of the aggregation network

The popularity of OTT streaming services means that they are increasingly dominating the internet. And this is driving change in the way that service provider networks function.

In the past, OTT traffic has typically travelled through the network core. But this has meant putting a big burden on infrastructure by streaming multiple pieces of content (such as films) across the whole network to different subscribers.

So to improve the quality of their services, OTT providers are increasingly opting to store caches of popular content in the parts of the network closer to the customer. This means they can send fewer films to these stores of content, which then distribute them to subscribers.

It’s a more efficient way of working. But as these caches are usually placed above the aggregation part of the network, this network area will continue to take the full force of growth in traffic. And that’s not sustainable with current technology – we need a different way forward.

Boosting capacity cost-effectively

One way of boosting network capacity is to make use of dense wavelength multiplexing technology (DWDM), which allows service providers to pass a lot more traffic along their existing network fibres.

In the past, the combination of hardware components needed to utilise 100G wavelengths was too large, power-hungry and complex to be deployed at this layer of the network.

But that’s now changed. We’ve created a streamlined IP router with integrated 200G optical uplinks, that you could fit in your laptop bag.

The solution can lead to total cost of ownership savings of almost 45% over six years, giving service providers a cost-effective way of creating the capacity in their aggregation network that OTT services increasingly require.

Laying the foundations for future success

And the benefits of investing in Cisco’s convergence solution extend beyond increasing bandwidth in the short term.

The reduced cost means that it’s also possible to deploy programmable technologies across the whole network, rather than just the core. It’s compatible with segment routing v6, for example – the technology that’s expected to unleash the low-latency services of the future, such as self-driving vehicles.

The sheer scale of future internet traffic is mind-boggling. Our Visual Networking Index forecasts that by 2021, annual global IP traffic will be 3.3 zettabytes (3.3 trillion gigabytes). That’s almost three times its 2016 level of 1.2 zettabytes.

Catering for this scale of demand will be a real challenge for any service provider. But it’s not an insurmountable one. If providers invest in improving the access and aggregation parts of their network now, they’ll have an infrastructure to cope with this explosive growth. And what’s more, they’ll have laid the foundations for lasting success in the decades beyond that.

So with Cisco, service providers will have a plan for sustainable success in a 5G world. And finding the time to keep up with the latest TV series? I’m afraid that’s one challenge we can’t help with…

Learn more about how we can help you affordably increase capacity in the aggregation part of your network

Authors

Avatar

Ben Colling

Manager, Sales

Global Service Provider, EMEAR

37 Comments
Avatar

Where there is a whisk, there is a way!

Your will is a strong factor in helping to guide you as you figure out your way in life. For me, as a baker and a Recruitment Coordinator (Global Staffing Administration) lead at Cisco, my motto has become, “Where there is a whisk, there is a way!”

I’ve always had a love for food, and baking has been an extension to my passion for all things yummy. For the longest time, I was just baking for my family. I would, of course, share my creations on Facebook which started a few playful taunts around the office, “Preeti, when are you going to bring those delicious treats we see on Facebook all the time to the office?”

And then the time finally came to treat my co-workers! I made batches of cupcakes for the team at work and it was very well received. Yet, even then, baking was still just something I did for fun.

One day a friend of mine called in a frenzy – her baker had just backed out from baking her son’s birthday cake four days before the birthday! She wasn’t sure what to do with such little time, and then she offered, “Why don’t you make the cake, and I’ll pay you?”

I was shocked! I had never thought of this passion as something beyond providing treats for my family. I asked what she had in mind, and it seemed possible – so I went for it! And that is how my first professional cake came to be.

Soon thereafter, a Cisco co-worker asked if I could possibly do 150 cupcakes for an event she was hosting. Up until then, I had never made more than 24-30 cupcakes at any one time, and now I was being asked to do 150! There is truly something to be said about the level of trust, and confidence your Cisco co-workers place in you. She was convinced I was the baker for this event, and so…I took up the challenge! I have since baked for a couple of teams on multiple occasions and each one has been a rewarding experience

You might be asking yourself, “What does any of this have to do with working at Cisco?” And I would say, “A lot.” 😀

Working at Cisco and baking are very similar in my eyes, most especially because both are work that is driven by passion. By bringing my baking into the office, this has also shown me so much about the Cisco culture and the amazing people that I work with every day. They do not need to take an interest in my passions outside the office, but they do – because we really care about each other. I also love that Cisco’s flexibility encourages you to pursue your passions outside of the office. Your love for something besides work is appreciated here, and – to me – is all the encouragement one needs to chase after ALL of their dreams in life.

Innovation and change has been key here at Cisco, and what I have come to realize is that the same goes for the world of baking. Working at Cisco has opened my eyes to see how innovation is around us daily, and I see a world that is constantly changing, innovating, and reinventing itself.  Why shouldn’t it be the same for my baking?

Creating my desserts is no longer about simply mixing up a batter and loading it with frosting. The list is endless with what I can do with cake – yes, cake! From gravity defying cakes, rotating cakes, hanging cakes – there is so much that can be done when the options are endless, and I am ready to embrace the challenge.

This is something I’ve learned because I’ve worked at Cisco. When you #LoveWhereYouWork – you end up stretching your limits to learn something new, face challenges, and discover what you are truly capable of.

 

 

Want to work somewhere pretty sweet? 😉 We’re hiring! Apply now.

 

Authors

Avatar

Preethi Ramakrishnan

India GSA Lead

Global Staffing Administration

November 29, 2017 Leave a Comment
Avatar

Cloud Unfiltered Podcast, Episode 27: Cloud Storage with Joe Arnold

Are you a lover of data storage technology? Do your ears perk up when you hear terms like “data gravity” and “erasure coding”? Do you enjoy a good debate about the proper uses of deterministic data placement versus algorithmic placement?

Then this is the podcast for you.

In this episode, SwiftStack founder and CEO Joe Arnold talks about those very things and much, much more. In fact, during our 41-minute chat, he gets into a level of storage detail with a level of storage enthusiasm that you probably won’t run into anywhere else in the podcast world. I feel safe saying that.

The great part about all this detail and enthusiasm is that even if you are not currently a storage expert—if you are merely someone who aspires to become a storage expert—this is the podcast for you as well.

I speak from experience. Having participated in this discussion, I can now explain to you the difference between erasure coding and replicas. And I’m a marketer for crying out loud. I don’t know how to say this without offending my colleagues, but technical depth is not always our strength.

So whether you’re a storage fan because you love it already or because you want to love it more, I encourage you to tune in to this week’s episode of Cloud Unfiltered. Some of the other things we cover during this particular chat include:

  • How and why Joe started SwiftStack
  • Whether you should put sensitive data in the public cloud
  • Why SwiftStack is committed to keeping data in its native format when storing it
  • How AI will improve storage strategies in the future
  • The impact of the network on data storage
  • Why cost Is not the reason to move to the cloud

This is typically a video podcast, and you can see it on our YouTube page, but because the recording malfunctioned and only showed my face for the entire 41 minutes, I encourage you to listen to the audio version on iTunes instead. Really. And if you like what you hear, we invite you to subscribe to our channel so you don’t miss any of the other exciting podcasts we have scheduled over the next several months.

Authors

Avatar

Ali Amagasu

Marketing Communications Manager

Leave a Comment
Avatar

Doing the Right Thing in Life-Changing Moments

I couldn’t be a successful Cisco leader if I didn’t focus on delivering the best possible business outcomes to our customers. At Cisco, we are committed to delivering customer and shareholder value through world-class products, services and support. But the other side of this commitment is that the quality of our service depends on the quality and focus of our people. We all go through changes in our lives that demand extra time and attention. I believe that the better we support our employees through those changes, the better they’ll be able to serve our customers.

That’s why I’m proud to be an executive sponsor of two new global programs to support our people in moments that matter in their lives—whether they be the milestone moments of welcoming a new child into their family, or the challenging moments of responding to an emergency:

  • Becoming a Parent: We’re expanding the minimum time off and support to parents who welcome a new child into their family, whether someone is having a baby, adopting, going through fertility treatments, or surrogacy. While the length of the leave varies from country to country, the minimum global leave for primary caregivers is 13 weeks, and supporting caregivers can take at least four weeks for bonding with the new child. And the program isn’t limited just to parents. We recognize that people are staying in the workforce longer, so grandparents in the Cisco community can also take a few days off to bond with a new grandchild. The program is effective now in United States, and then will be available globally in phases by country.
  • Emergency Time Off: When someone faces an emergency, such as a death in the family, an illness, a natural disaster, or some other urgent situation, they need to give it their full attention. Effective globally now, this program enables an employee to take additional time off to deal with family emergencies without worrying about how much personal time off (PTO) they have available. The program is intended for short periods of time, and not expected to total more than four weeks per year—but we’ll always discuss the employees needs and support them in the best way we can. And recognizing that we all create our families differently, we define “family” as anyone an employee relies on or who relies on them, whether that means a stepparent, grandparent, sibling, domestic partner, or even a roommate.

I’m proud that Cisco is continuing to ramp up the support we give our employees in the life-changing moments everyone faces from time to time. It’s part of “Our People Deal” to respect and care for each other, and always do the right thing. These new programs embrace both of those values.

It’s about caring and doing the right thing for our employees. But it’s also about the strength of our talent. When people can take the time they need for their families, they’ll come back to work refreshed and energized. That’s where innovation can happen.

Authors

Avatar

Joe Cozzolino

Senior Vice President

Cisco Services

Leave a Comment
Avatar

IETF Hackathon Closes Loop Between Open Source and Standards

The first ever IETF Hackathon was held March 21-22, the weekend before IETF 92 in Dallas, TX. It was a late addition to the conference schedule, answering the call to action from Engineering CTO and Chief Architect Dave Ward’s talk at IETF 91, Open Standards, Open Source, Open Loop. Cisco DevNet teamed up with IETF leaders to put the event together in short order. Stated goals included bringing running code back into the IETF, bridging the gap between open source and open standards, and introducing more developers and young people to the IETF. It was a huge success by these and other measures, as evident by the announcement at the plenary session of another hackathon at IETF 93 in Prague. So started the blogpost recapping the experiment now known as the first IETF Hackathon.

Fast forward to IETF 100 in Singapore, a milestone event in IETF history. The Hackathon has become the official start of the IETF meeting and a valued part of IETF culture. Wnhereas the first hackathon involved only 3% of meeting participants, this hackathon involved 22%. The following pictures are IETF 92 hackathon (top left), IETF 100 hackathon (top right), graph of number of IETF hackathon participants (bottom).

Despite its growth, the goals of the hackathon remain exactly the same. There have been some changes to the format to accommodate the growth, but the overall agenda and unorthodox style of the hackathon are essentially unchanged. The IETF Hackathon is not your typical hackathon. There is no hype, no sleeping bags, and no prize money. Instead, there is collaboration, common goals, and a drive to make the internet better, faster, and more secure. These motivations are stronger than you might expect.

Despite it being the weekend and Singapore being a great city to play tourist for a couple days, the hackathon room started to fill quickly after the doors opened at 8am. By the official kickoff at 9:30am, it was clear this hackathon would set new records for attendance, ultimately drawing 219 registered participants, eclipsing the previous record of 199 set a few months earlier at IETF 99 in Prague.

Work at an IETF Hackathon revolves around a set of projects. Each project is proposed and led by one of more volunteers, also known as “champions”, willing to lead work related to new, developing, or existing IETF standards. These champions are the life blood of the IETF Hackathon. The responsibilities of a champion are as follows:

Before the Hackathon:

  • Update the hackathon wiki with details about project
  • Share ideas and any preparation materials or requirements with potential attendees via the hackathon email list
  • Recruit participants from associated working groups, open source projects, standards organizations, etc.

At the Hackathon:

  • Create and display a poster or sign that introduces the project and makes it
    easy to find
  • Be available to answer questions and help others
  • Hack on things in their copious free time

Anyone can be a champion, and any project is welcome provided it has some ties to existing or future IETF work. The projects at IETF 100 were:

  • Data Leak Prevention (DLP)
  • IPv4-IPv6 Transition Technology Interop
  • JMAP Interop
  • DNS
  • DNS-Based Service Discovery (DNSSD)
  • TLS
  • NETVC
  • SACM
  • YANG/NETCONF/RESTCONF
  • QUIC
  • Captive Portals
  • Interface to Network Security Functions (I2NSF) Framework
  • Public Interest and HTTP Status Code 451
  • Generating Certificate Requests for Short-Term, Automatically-Renewed (STAR) Certificates
  • IPv6 compression + fragmentation prototype implementation for LoRaWAN
  • DOTS Interop
  • ECN / AQM Testing & Interop
  • IOAM
  • WISHI
  • COAP-over-TCP

Following a brief kickoff presentation covering the agenda and other housekeeping items, participants self-organized into teams and got to work. The nature of the hackathon is such that it is not uncommon for participants to work on multiple projects and for teams to work together on newly discovered areas of common interest. This level of cooperation and knowledge transfer is another noteworthy benefit of the hackathon. The increased awareness and relationships established during the course of the weekend are arguably more important than the code that gets written.

These newly established connections are not limited to people in different IETF working groups. In many cases, they involve people from open source communities, other standards organizations, and local universities. The hackathon in Singapore included 76 people for whom it was their first hackathon, and 46 people for whom this was their first time at any IETF function. That is clear testament to the ability of the IETF Hackathon to bring different groups of people together.

The majority of the hackathon participants gathered in Singapore to participate in person. However, there were a number of remote participants as well. Remote participation, while not ideal, can work quite well, especially in cases in which one or more people are onsite to bridge the gap between what happens locally and remotely. Taken together, participants represented 38 different countries!

As mentioned previously, the IETF Hackathon is not an all-night affair. Most participants have a full week of intense meetings immediately after the hackathon; consequently, the hackathon doors close at 10pm to encourage participants to get some sleep. Most return the next morning as soon as the doors open and the coffee arrives.

The official start on Sunday is 9am, but many arrive earlier than that, eager to get back to work. This continues until 2pm when coding stops and sharing of results begins. Each team delivers a brief presentation, no more than 3 minutes, recapping what they achieved, lessons learned, and feedback they intend to bring back to relevant working groups to guide and accelerate corresponding standardization efforts.

In the spirit of friendly competition, winners are announced and prizes are awarded. Thanks to Cisco’s Collaboration Group, the sponsor for the IETF 100 Hackathon, there were some pretty nice tech gadgets from which winners could choose. The winning projects were as follows:

DNS: Best Overall (presentation)
Projects included:

 

IPv4-IPv6 Transition Technology Interop and NAT64 testing: Best Input for the Scotch BoF – to the universal deployment of IPv6! (presentation)
Work included:

  • interop testing of Vector Packet Processing (VPP) DS-lite (AFTR) and Allied Telesis (DS-lite B4) as well as several other v4v6 combinations
  • implementation of VPP DHCPv6 PD client, Stun library DNS64 NAT64 discovery / IPv4 literal synthesizer
  • testing applications behind DS-lite, 464XLAT, NAT64
    Results, lessons learned, and recommendations were shared and will be fed back

 

I2NSF: Best Student Project
(presentation)

The team from Sungkyunkwan University in South Korea continued their ongoing work proving the framework being standardized by the Interface to Security Network Functions working group. This entailed is using NETCONF, RESTCONF, YANG data models in combination with OpenDaylight for management of network security functions.

 

YANG/NETCONF/RESTCONF: Best Long-Term Work (presentation)
Work included:

  • YANG Suite integration with YANG Catalog
  • YANG Development Kit (YDK) integration with YANG Suite
  • YANG module semantic versioning and diff views from YANG Catalog
  • REST API for the YANG Regex validator
  • Automated YANG test harness against confd and netconfd
  • Integration of YANG Catalog with IETF

 

TLS: Best Remote Participation (presentation)
Huge team that included 16 participants in Singapore and 8 remote participants from Japan, London, and Mauritius (hackers.mu) that tackled development and interop testing of 10 applications based on their support for draft-ietf-tls-tls13, The Transport Layer Security (TLS) Protocol Version 1.3. As a result, TLS 1.3 is closer than ever to releasing, there is a larger network of implementers, and the group is ready for more experiments with middleboxes.

 

DOTS Interop: Best Open Source Project (presentation)
Project featured:

  • successful interop testing of two implementations of the protocols being standardized in the DDoS Open Threat Signaling (dots) working group
  • adding new features to open source implementation (go-dots)
  • detailed feedback for the working group

 

SACM: Best Cross Area Work (presentation)
Project involved joint work between NETCONF and Security Automation and Continuous Monitoring (SACM) working groups to add support for telemetry to SACM based on draft-ietf-netconf-yang-push, YANG Datastore Subscription, YANG Push.

 

 

 

QUIC: Best Interoperability Testing (presentation)
Project focused on development and interop testing of 11 implementations of the QUIC protocol.

 

 

All the project presentations are available at the Hackathon Meeting Materials page. The DNS and I2NSF teams went on to demo their projects to the entire IETF community prior to the plenary session on Wednesday. This helped extend the reach of the hackathon and further establish an appreciation of the benefits of running code to ongoing standardization efforts.

On Thursday, Dave Ward delivered another provoking talk, this one titled 3 years on: Open Standards, Open Source, Open Loop. It gave the IETF community an opportunity to look at how much progress has been made, discuss successes and failures, and consider how best to interact with developers, communities and deployers of open source going forward.

The end of the hackathon did not mark the end of the efforts involving running code. Throughout the week, coding and experimentation continued in the Code Lounge, a portion of the IETF Lounge designated for ongoing work on hackathon and other projects. Of particular note was experimentation on Explicit Congestion Notification (ECN), RFC 3168. Thanks to Arris and the tireless efforts of Chris Tuska, a group of IETFers from Akamai and Apple were able to experiment with the impact of ECN when used on a variety of networks with different traffic loads. Their work was ongoing as this was being written, and it will continue at the IETF 101 Hackathon in London in March 2018.

The IETF is committed to continuing to host IETF Hackathons. Cisco DevNet is committed to continuing to organize them and provide developers with resources to prepare for and maximize productivity during the hackathon. A financial sponsor for the is still being sought for IETF 101 and for 2018 in general. If interested, contact Joe Abley.

Hope to see you at the IETF 101 Hackathon in London!

 Hackathon photos thanks to Stonehouse Photographic
 Singapore photo thanks to Brian Campbell

We’d love to hear what you think. Ask a question or leave a comment below.
And stay connected with Cisco DevNet on social!

Twitter @CiscoDevNet | Facebook | LinkedIn

Visit the new Developer Video Channel

Authors

Avatar

Charles Eckel

Principal Engineer

Global Technology Standards

2 Comments
Avatar

Intuitive Test Automation for an Intuitive Network

The rise of intent-based, programmable networks has created new and exciting opportunities: ones that require new tools, new developer skills, and sometimes, new ways of thinking. So what do you do when presented with the opportunity to shape Cisco’s next 20 years of test automation?

Our DevX test engineering team at Cisco had an answer to that question, and about 3½ years ago we embarked on a quest to create the next-generation test automation framework for Cisco engineering. One that would be crafted using a modern programming language; and tailor fitted to operate in rapidly iterating, agile development environments.

An intuitive test automation framework for an intuitive network.

After multiple major internal releases, amassing thousands of test developers and millions of lines of test scripts and libraries, today, pyATS (Python Automation Test System) is now available to the world through Cisco DevNet.

It’s not about the destination; it’s about the journey.
Test frameworks are intrinsically simple: define test cases, run test cases, report results. Anyone can go and create their own tool to do just that. But what differentiates a tool from a successful ecosystem is the culture that it brings about: enabling people to share and collaborate; proliferating positive designs, ideas and methodologies; and ultimately moving the testing community forward.

We did not just aim for today. We designed for tomorrow.
The last 20 years of Cisco test automation has been deeply rooted in Tcl, a popular language used for automation in the early days of telecommunication. Shifting this [procedural based] momentum into a new, object-oriented modern era presented a unique challenge. We had to rethink the impossible, consider the improbable, and reinvent test automation from the bottom up: architecting for what would be the new ways of doing things for the next decades, and bridging the ways of yesterday into the ways of tomorrow.

At the helm of a new era of test automation
pyATS is a test framework featuring all the necessary bits required for network test automation, and leverages all of the perks of the Python-3 programming language:

  • The ability to define reusable, inheritable, data-driven test cases and suites, with distinct sections for common, suite-level configuration and teardown
  • User-controlled, on-demand, selective & asynchronous execution
  • YAML representation of network topology and devices
  • Reuse of any existing Tcl-based libraries and packages (eg, HLTAPIs)
  • Built-in debugging capability, such as automatically starting interactive shell on point of failure
  • Customization/extension via plugins, configurations, and hooks
  • Platform agnostic, with new platform (including third-party devices) support added through polymorphic plugin interfaces

“pyATS code is beautiful to read” – Raymond Hettinger, veteran Python Core Developer.

With pyATS, network devices and interconnects are defined through YAML files. These YAML [testbed] files then loads into corresponding Python objects, using references & relationships to depict network topology; properties & methods to represent network functionality, device control, configuration and status.

From there on, developers can start with simple, linear tests, such as configuring interface and checking pings; and easily migrate towards larger, complex, data-driven and reusable tests, such as scaling MPLS with various routing protocols and number of traffic streams.

The framework is suitable for a wide variety of testing methodologies. In Cisco today, pyATS is deployed within multiple business groups, executing test cases in sanity, regression and solution labs; covering products ranging from Wi-Fi access points to core routing platforms, from IOS CLI to DNA-C web UI.

Now available through Cisco DevNet
One of the key principles to true organizational agility lies with development transparency. As pyATS gathered momentum within Cisco, teams began inquiring whether it’s possible to share their automation with customers as part of collaborative development and release. To do so requires providing customers with access to the test framework. Could it be done?  Yes it could!

With pyATS available through Cisco DevNet, we bring customers one step closer. Streamlining development-to-deployment and unifying the end-to-end toolchain, pyATS is finding its way into customer facing teams such as Advanced Services, where soon our customers will be serviced using the very same tools, packages and libraries used and developed by Cisco Engineering.

And one more thing …
Great test automation is founded on two pillars: the framework, and the libraries. One major design feature of pyATS is to bridge developers: start with reusing existing Tcl-based packages; transition to pure Python over time, without having to start from absolute zero. Meanwhile, we began working on a new, Pythonic library system.

It is called Genie, a package and library system that supplements pyATS, featuring:

  • Object-oriented, feature-centric base objects modeling device configuration and operation
  • OS/Platform agnostic class designs inspired from common YANG models
  • Event-based testing through triggers & verifications
  • Plug & play with existing pyATS test suites

Genie will be made available through Cisco DevNet in the upcoming months.

Calling all engineers…
The future of networking is intent-based technologies that consistently learn, adapt, and protect. The future of network test automation lies with repeatable, reusable and re-scalable tests and libraries that grow alongside these technologies, where we develop, build and share as one community.

This is a call to all developers – to spend a few minutes on our newly launched DevNet website; watch the short introductory video by Raymond Hettinger; try the sample code and scripts; see the vision; and join the circle of engineers that devote their time to pyATS: an all-out effort to build a better network test automation ecosystem.

We’d love to hear what you think. Ask a question or leave a comment below.
And stay connected with Cisco DevNet on social!

Twitter @CiscoDevNet | Facebook | LinkedIn

Visit the new Developer Video Channel

Authors

Avatar

Siming Yuan

Sr. Technical Leader, Engineering

DevX, Core Software Group

Leave a Comment
Avatar

Your technology guide for remote and virtual care: Get the scoop from HIMSS

Does your healthcare organization offer remote or virtual care—such as telemedicine—as part of your service offerings? Are you thinking about it?

You should be.

Gone are the days when care delivery was confined to the four walls of a hospital. Patients today want the convenience of anytime, anywhere consultations—plus the ability to monitor conditions from home using wearable or mobile devices. On the flip side, busy clinicians crave the efficiency and mobility that digitally-enhanced workflows provide.

And thanks to technology, all of this is within reach, today.

There are lots of “whys” when it comes to distributed care. Some choose it for its ability to attract patients, grow revenue, and reduce costs associated with readmissions. Others seek it for its power to expand reach and increase access to care, especially in less mobile populations or areas with a shortage of specialists.

Given all of these benefits, the choice to offer some form of virtual care seems like a no-brainer for healthcare organizations. But the trickier question to answer is “how?” Where do you start? Do you have the right technology infrastructure? What organizational or cultural shifts will be required? Are there any challenges or roadblocks to overcome? (Hint: yes.)

To help you along this journey, we recently teamed up with the experts at HIMSS (Healthcare Information Management Systems Society) to produce an interactive eGuide: Your Technology Roadmap for Distributed Care. In it, healthcare technology leaders share their tips and best practices for supporting modern models of care. And for further reading, you’ll also find a variety of resources embedded throughout the guide, all just a click away.

Download it now—and start charting your organization’s course today.

Authors

Avatar

Amy Young

Marketing Manager

Healthcare

17 Comments
Avatar

The Future of Customer Experience Isn’t All Digital

In my last blog, I explored the concept of a post-digital world — where counting the number of positive reactions from customers is no longer enough. That approach was modern at the time, but digital marketing is taking a new turn.

The truth is that while digital is everything, everything is not digital. And, in fact, it never has been — despite predictions that our love of all things digital would inevitably trap us in socially-isolated cybercaves, with no real human interaction. Needless to say, community — the primal, human urge to commune, share, and connect — is alive and well. Facebook, Twitter, Tumblr, Foursquare, Pinterest, LinkedIn, all have the power to connect to the real world, and they all do.

Human emotions today are more important than ever – marketing teams are hustling to get ahead of customer needs and demands anytime and anywhere. However, the future isn’t all that tech-driven when it comes to driving success through inspirational leadership skills, nor when making customers feel more valued rather than being just another “value” with no unique identity.

So how do we make customers feel valued? Teach empowerment, give empowerment.

 

 

On-demand service matters to customers, whether through customer service chat rooms, addressing social media comments, or other engagement channels. That demand is expected to increase as digital consumers continue to evolve their behaviors as they adapt to upcoming digital marketing technologies. The rise of automation will help power data and empower digital marketing teams to keep up with that demand and the demand for personalization.

As I mentioned in my last blog, we’re living in an engagement economy where customers are increasingly seeking more “personalized” high-level experiences. Simultaneously, we’re in the era of the “sharing” economy where people are being more resourceful to one another. In this sense, the sharing economy doesn’t just pertain to ride shares, but also the shareable intel that comes from various personal experiences in the form of Yelp reviews, online product reviews, blog networks, or forums focused on specific verticals.

Even as customers find satisfaction from accelerated services, we don’t see the power of human interactions diffusing because of technology anytime soon.

 

 

What’s traditional is timeless, and in this case, it means face-to-face interactions and the emotions involved with it. Remember, behind each data point is a real human with emotions.

Traditional and digital play hand-in-hand when it comes to delivering enhanced customer experiences, and will continue to do so for tech clients. Today, we see marketing strategies leveraging various tactics including digital platforms, phone calls, and in-person events (individual meetings and larger meetups) together to ensure the customer continues to feel valued in the growing digital world.

While new digital marketing tools and the rise of automation will help marketers aggregate audience segments, empathy is the glue that connects the insights together for the best-informed decision. An example of one of the latest intersections of technology and human relationships can be seen in Nordstrom’s recently launched concept store – still supported by technology, but focuses on building real personalized connections.

So, what’s the next step to creating a more emotionally connected marketing approach?

 

 

Despite the many social platforms nowadays, customers need to feel like they’ll receive the best service no matter the method or medium they are using to interact with you. How can a limited team address the increasing rapid-response needs of customers through empowerment – a concept and energy without shape or structure?

We need to map out and build a customer experience culture that is reflective of your team’s internal culture. It’s important to foster a strong internal team culture that promotes supporting each other, because this will inspire internal talent to focus more on how they can better understand customers and make better recommendations with the help of actionable data.

In the long-run, this recurring cycle of empowerment for marketers and customers to own opportunities can ultimately convert to higher traffic retention and customer loyalty.

Welcome to the post-digital world, an exhilarating and refreshing return to civility.

Authors

Avatar

Michelle Chiantera