
Even though Industrie 4.0 and smart manufacturing concepts have been around for a few years, thought leaders are now agreeing that Industrie 4.0 is at an inflection point. In a recent issue of CloudComputing News, this passage was particularly striking:

“Manufacturers are gaining the greatest value from Industry 4.0 by creating pilot projects that create flexible, agile, real-time platforms supporting new business models with real-time integration…For manufacturers in cost-sensitive industries, the urgency of translating the vision of digital transformation into results is key to their future growth. The more competitively intense an industry, the more essential real-time integration.”

We are definitely seeing this as we talk to manufacturers who are looking at different ways to accelerate their digitization projects in factories around the world.

Later this month Cisco will be at Hannover Messe, the largest industrial show, highlighting some of the key steps to securely digitizing your operations. Read more about our presence in Martin Dube’s blog here.

If you are planning to attend the conference, plan on catching many interesting sessions in the various forums on the following topics:

  • [Mon April 24 at 10:40 -11:00] Theory of Operations for TSN-based Industrial Systems and Applications by Paul Didier
  • [Weds April 26 at 11:10 -11:35] Automotive Industry Challenges and Opportunities by Martin Dube
  • [Weds April 26 at 16:00 -16:20] Industries Digitization Journey – Realizing New Industry Business Outcomes with IoT by Bryan Tantzen
  • [Fri April 28 at 11:20 -11:40] ‘Smart Connectivity and Data Analytics for Intelligent Process Field Devices with Fog Computing’ by Volker Sorhage
  • [Fri April 28 at 12:30 -13:00] Collaborative human and machine insights & interactions to improve decision support and productivity by Daniel Keely

More information including locations for these sessions can be found here.

In addition, we will have subject matter experts presenting on various topics every ½ hour in our booth theatre in Hall 8, Stand C13 on topics such as:

  • How to Get Started on your IIoT Journey by NYT best selling author and Cisco executive Maciej Kranz
  • Opportunities in the New IoT Industrial Revolution by Bryan Tantzen
  • Standard-based security architecture for control systems in a converged IT/OT environment by Maik Seewald
  • How To Secure Remote Access Needs For Industrial Systems by Robert Albach

We hope to see you at Hannover and we look forward to helping you jump start your Industrie 4.0 strategies and plans.

For more details, check out our event site here.

Authors

Scot Wlodarczak

No Longer with Cisco


UPDATE (April 7, 2017): The U.S. CBP agency today decided to allow importation of Arista’s redesigned products into the U.S. while the ITC enforcement proceedings for case ‘944 are underway. The decision was issued after the agency met with counsel for both parties in late February, where our outside counsel expressed concerns about the Arista redesign. We have always sought a detailed and open process, and appreciate that CBP has afforded us this opportunity for increased transparency.

Earlier this week, we presented evidence and testimony to the ITC judge in this case, and await his determination – along with that of the Commission – whether Arista’s redesign continues to infringe. It has always been our goal in these actions for Arista to stop using Cisco’s proprietary technologies, and our enforcement proceedings are a key step in determining whether Arista’s redesigned products use IP copied from Cisco.

***********************************************************

Original (April 4, 2017): Opening statements for the ITC ‘944 investigation enforcement hearing began this afternoon, and the full evidentiary hearing should be complete tomorrow. In the ITC’s final decision last summer, Arista was found to infringe three Cisco patents, including our SysDB patent. While Arista claims to have redesigned its products to avoid Cisco’s SysDB patent, they declined to present the redesign to the Commission for review. The ITC now will determine in the enforcement proceeding whether Arista’s redesign continues to infringe Cisco’s SysDB patent and, if so, what the penalty should be for the ongoing infringement.

We appreciate the staff attorney’s positions presented in opening statements today, which highlight issues to be considered in the enforcement proceeding. Our goal all along has been to stop Arista from using IP copied from Cisco in its products. We believe that the changes made in Arista’s redesign were insignificant, and that their switches continue to rely on the teaching of Cisco’s patent for the operation of their switches. We intend to present evidence to that effect in the enforcement proceeding.

We look forward to the hearing, which is our first opportunity to present live testimony regarding Arista’s redesign before the Administrative Law Judge who will recommend a finding to the full Commission. The staff attorney noted that in the event a violation is found, that Arista should be subject to a “substantial penalty.”  The ALJ is expected to issue his decision on June 20, 2017, after which the Commission is expected to issue its final decision on September 20, 2017.

In the meantime, Customs and Border Protection (CBP) met with counsel from both parties in February, during which Cisco expressed our concerns about the Arista redesign. CBP is expected to issue a ruling on whether Arista should be allowed to import its redesigned product while the ITC enforcement proceedings are underway, but will be bound by the final ITC decision in September.

If the ITC finds that Arista’s redesign still infringes after considering all the evidence, CBP will enforce the import ban of Arista’s products, and the ITC may issue substantial penalties for Arista’s continued sale of infringing products after the ITC cease and desist order went into effect.

It has always been our goal in these actions for Arista to stop using Cisco’s IP and the enforcement proceedings are consistent with that goal.

Authors

Mark Chandler

Retired | Executive Vice President

Chief Legal and Compliance Officer


A few weeks ago, this year’s Open Compute Summit in Santa Clara, California concluded. I personally love this event to see what all the big massive scale data center operators are doing.

I have been following the program since its inception and unfortunately missed this year’s event, but you can definitely be sure I was watching. One thing I immediately noticed was Facebook’s Bryce Canyon contribution, which was detailed quite well in a Facebook Engineering blog.

This new storage platform supersedes their 2nd generation Honey Badger design also known as “Open Vault”. In just a few years Facebook has matured their hardware designs significantly. After two iterations, it looks like they had an “ah ha” moment realizing vertically orienting data drives is far more efficient especially if physical space is a premium.

I recently wrote a blog comparing two Honey Badgers to a single Cisco UCS S-Series Storage Server. With the Bryce Canyon announcement I thought it merited a follow up blog on the topic as it is a major shift in hardware design for Facebook engineering that deserves some attention.

In my first blog, I compared storage capacity and capability within a 4RU footprint to create a level playing field between the Cisco S3260 and Honey Badger. The release of Bryce Canyon creates a more accurate “apples to apples” compare as it is designed within the constraints of a 4RU footprint.

Right off the bat you will see its modular design is identical to the Cisco S3260. However, there are a couple of major differences tailored to Facebook’s unique workload requirements, which we will go through in this blog. But to get you up to speed on our box, check out this cool 3D model and also the product specification sheet to help do the compare.

Reading through their blog I couldn’t help but notice so many similarities to my recent blog. Who knows maybe the author might have been a fan of my blog or maybe it’s just coincidence. Any which way, read both blogs and judge for yourself.

While Bryce Canyon is similar to the Cisco UCS S3260 in many attributes from a design perspective, there are a few other things to look at, and the first is size.

The graph above shows a compare of physical dimensions which could be a show stopper for you depending on the racks you use. Bryce Canyon is substantially larger than the Cisco S3260 as it was designed for use in Facebook’s 21” Open Rack and not an industry standard 19” rack.

After you compare dimensions you might ask “what’s inside the sheet metal?”. Here are some quick specs on both platforms.

  • Facebook Bryce Canyon: 72 drives for single server node or 36 drives for dual server nodes
  • Cisco UCS S3260: 60 drives for single server node or 28 drives for dual server nodes

While the Cisco S3260 in its current form may have slightly fewer drives than Bryce Canyon, the difference in capacity per box is marginal when considering Petabyte scale deployments like we see with our ecosystem of industry leading software defined storage partners.

For example, check out this new Scality RING on Cisco UCS S-Series Storage Server solution brief and also stop by their Cisco UCS Partner page to learn more on what we are doing together.

Outside of storage alone, the S3260 offers much higher performance packed into a much smaller footprint. Stay tuned for a follow on blog to this topic as it’s looking pretty interesting in draft.

Overall, comparing the two, there are a lot of similarities and I am glad to see Facebook evolving their platform to where it is today. It’s great validation for Cisco UCS and its loyal customers. But remember, Facebook was founded as a digital business with very narrow focus on IT, resulting in rigid data center architectures and point products for processing and storing its unstructured data.

If your business is currently going through a digital transformation, download this free White Paper from Moor Insights & Strategy to better learn how active data is creating new business insights. And if you are interested in learning how Cisco Unified Computing System can help you activate your data here’s a great brochure to get you started.

If you liked this blog please stay tuned for more on data center storage solutions at Cisco and be sure to follow me on Twitter.

Authors

Chalon Duncan

Partner Managed Service Offer Manager

Global Partner Organization


#CiscoChampion Radio is a podcast series by Cisco Champions as technologists. Today we’re discussing Connected Mobile Experiences (CMX).

Get the Podcast

  • Listen to this episode
  • Download this episode (right-click on the episode’s download button)
  • View this episode in iTunes

Cisco Guest
Darryl Sladden (@darrylsj), Technical Marketing Manager

Cisco Champion Hosts
Brad Haynes (@gk_bradhaynes), Client Solutions Specialist
Dave Derry, Technical Marketing Engineer
Haydn Andrews, Senior Wireless Engineer

Moderator
Lauren Friedman (@lauren)


Detecting PowerShell Exploits

Black Hat returned to Asia again in 2017, with two days of technical hands-on Trainings, followed by two days of the latest research and vulnerability disclosures at the Briefings. The backbone of the conference was the WiFi network, built on site by staff from Ruckus. I was honored to be invited to join the Tech Team, as part of the Security Operations Center (SOC) within the Network Operations Center (NOC); developed from the relationships formed at the RSA Conference SOC.

With the smaller size and ad hoc network nature of the conference, the NOC and SOC can be in the same room, but duties are segregated. The primary mission of the NOC team was to ensure the WiFi network was not disrupted, quickly addressing an issue the first day with the WAPs dropping sessions. The primary mission of the SOC team was to protect the network from attacks: external and by attendees; with DDOS and traffic floods being the biggest concerns.

The technology stack was driven by the mission and contributing sponsors:

NOC

  • Wireless network infrastructure – Ruckus
  • Visualization – Open IP (OIP)
  • TAP solution – Gigamon
  • IAM – RSA

SOC

For incident response, no remediation was possible on endpoints, as they are owned by the attendees and vendors. Unlike Black Hat USA, where the network is large and segmented and every classroom is identified, enabling pinpointing of problems or attacks, the Black Hat Asia network was flat. The only recourse was to block the MAC address of problem users.

As described in the RSAC SOC blog, the SOC team placed NetWitness Packets into Continuous Monitoring mode, where .exe, .dll and other potentially malicious payloads were carved out of the network stream and underwent Static analysis, Network intelligence and Community lookup before being sent to Threat Grid for dynamic malware analysis.
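How a carving stage can recognize .exe and .dll payloads in a reassembled stream, as an added example that is not from the original post and is not NetWitness code: it checks the DOS `MZ` magic, follows `e_lfanew` to the `PE\0\0` signature and reads the COFF Characteristics flags. The function names and the sample stream are constructed for illustration; extracting the full file would additionally require walking the section table.

```python
import struct

IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002   # COFF flag: image is runnable
IMAGE_FILE_DLL = 0x2000                # COFF flag: image is a DLL
MACHINES = {0x014C: "i386", 0x8664: "amd64"}


def _parse_pe_at(stream, pos):
    """Validate a candidate 'MZ' at pos; return (offset, kind, machine) or None."""
    # The DOS header is 64 bytes; e_lfanew (offset of the PE header) sits at 0x3C.
    if pos + 0x40 > len(stream):
        return None
    (e_lfanew,) = struct.unpack_from("<I", stream, pos + 0x3C)
    pe = pos + e_lfanew
    # Signature (4 bytes) plus COFF file header (20 bytes) must fit in the stream.
    if pe + 24 > len(stream) or stream[pe:pe + 4] != b"PE\0\0":
        return None
    machine, _nsec, _ts, _symptr, _nsyms, _optsize, flags = struct.unpack_from(
        "<HHIIIHH", stream, pe + 4)
    if not flags & IMAGE_FILE_EXECUTABLE_IMAGE:
        return None
    kind = "dll" if flags & IMAGE_FILE_DLL else "exe"
    return (pos, kind, MACHINES.get(machine, hex(machine)))


def find_pe_images(stream):
    """Scan a byte stream for every offset that holds a plausible PE image header."""
    hits = []
    pos = stream.find(b"MZ")
    while pos != -1:
        hit = _parse_pe_at(stream, pos)
        if hit:
            hits.append(hit)
        pos = stream.find(b"MZ", pos + 1)
    return hits


def _sample_pe(machine, flags):
    """Constructed minimal DOS + PE/COFF header (no sections), for the demo only."""
    dos = bytearray(0x80)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)          # e_lfanew -> PE header at 0x80
    coff = struct.pack("<HHIIIHH", machine, 1, 0, 0, 0, 0xE0, flags)
    return bytes(dos) + b"PE\0\0" + coff


# Constructed stream: an HTTP response carrying an EXE, text that merely
# contains the letters "MZ", then a DLL.
SAMPLE_STREAM = (
    b"HTTP/1.1 200 OK\r\nContent-Type: application/octet-stream\r\n\r\n"
    + _sample_pe(0x8664, 0x0022)     # EXECUTABLE_IMAGE | LARGE_ADDRESS_AWARE
    + b"--boundary: text that merely contains MZ, not a header " + b"x" * 80
    + _sample_pe(0x014C, 0x2102)     # EXECUTABLE_IMAGE | 32BIT_MACHINE | DLL
)

if __name__ == "__main__":
    for offset, kind, machine in find_pe_images(SAMPLE_STREAM):
        print(f"offset={offset:#06x} kind={kind} machine={machine}")
```

The bare `MZ` inside the text is rejected because its would-be `e_lfanew` points outside the stream, which is why magic bytes alone are not enough to decide what gets submitted for analysis.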

On the first day of the Business Hall, I noticed an .exe enter into the Threat Grid cloud, from NetWitness Packets, for dynamic analysis. I opened the sample in the ‘Glovebox’ to see what was happening, as we had seen many installers downloaded over the week. The interaction in the Glovebox allows for safe interaction with the samples, including full installation and clicking on dialog box pop-ups or checks for a human presence.

I noticed the sample was enumerating the system and exhibited the characteristics of a Remote Access Trojan.

This is a suspicious behavior for which Threat Grid alerted.

Because Threat Grid has no instrumentation or hooks in the virtual environment, nothing indicates to the samples that they are in a sandbox; in fact, the sample checking for one was an additional behavior upon which to alert.

Those behaviors, and the observation in the Glovebox, caused me to escalate the detection to my fellow SOC members, who began tracing the origin of the sample and the user. The run time for a sample submitted via the Threat Grid API is five minutes, to rapidly provide a threat score to the SOC team, who started to investigate the user activity. The sample’s behavior warranted closer examination in the Glovebox, and I resubmitted it (the run time can go up to 30 minutes) to examine the Control Panel and command and control (CnC).

The CnC investigation led me to the controlling infrastructure with the challenge: Can you detect an APT like me?

The answer was “Yes!”

I dug deeper into the DNS traffic of the original CnC.

From this I pivoted to the related IP address.

Because Threat Grid is not a “sandbox”, rather an integrated threat intelligence and dynamic malware analysis platform, I was able to examine the other domains associated with this IP address, from the behavior of other samples.

Using Cisco Umbrella Investigate, I was able to investigate each domain for DNS queries and intelligence.

With this additional intelligence, we were able to empower the SOC team members to confirm no malicious traffic was going in or out of the network to this CnC infrastructure.

A search of the Black Hat speakers determined that Mr. Shota Shinogi is a security researcher, pen-test tool developer and a pen-tester. His hobby is to find out how to bypass security solutions. I found Mr. Shinogi at the Black Hat Arsenal booth. He has a new version that utilizes PowerShell, so no file is dropped on the disk. He has a website to deliver the PS1 to the endpoint via a link file. The exploit has total control over the endpoint and bypasses traditional endpoint detection. I was able to submit the URL to the Threat Grid Glovebox and simulate the drive by attack. The resulting endpoint behavior and CnC is below.

Black Hat is about sharing and it was great to engage with Mr. Shinogi in a discussion of the detection and further collaboration as security professionals. It was a wonderful conference and I enjoyed being part of the Black Hat SOC team. From the conversations with the SOC leadership, we determined it would be beneficial to bring in Cisco Umbrella to have visualization and statistical analysis of the DNS queries and traffic of the Black Hat conferences. Cisco will sponsor Black Hat with the technology beginning Black Hat USA 2017. See you in Vegas!

Authors

Jessica (Bair) Oppenheimer

Director, Security Operations

Threat Detection & Response


The Other Half of the Story

With model-driven telemetry (MDT), routers can stream out large amounts of operational data in a highly efficient, easily consumable way. But getting data off the box is only half the story. You have to have something on the other end to collect and transform the raw data in preparation for storage and analysis. MDT uses standard transports, RPCs and encodings, so theoretically it wouldn’t be too hard to whip up your own collector using standard libraries and packages. Luckily, you don’t have to start from scratch. Last week, we open-sourced Pipeline, a lightweight collection service that provides the first step in scalable data collection.

Input, Transform, Output

Pipeline is a flexible, multi-function collection service that is written in Go. It can ingest telemetry data from any XR release starting from 6.0.1. Pipeline’s input stages support raw UDP and TCP, as well as gRPC dial-in and dial-out capability. For encoding, Pipeline can consume JSON, compact GPB and self-describing GPB. On the output side, Pipeline can write the telemetry data to a text file as a JSON object, push the data to a Kafka bus and/or format it for consumption by open source stacks. Pipeline can easily be extended to include other output stages and we encourage contributions from anyone who wants to get involved.

What It’s Not

It’s important to understand that Pipeline is not a complete big data analytics stack. Think of it as the first layer in a scalable, modular, analytics architecture. Depending on your use case, that architecture would also include separate components for big data storage, stream processing, analysis, alerting and visualization.

Big data platforms in open source include (among many) PNDA, the Prometheus eco-system and the InfluxDB stack. Pipeline’s function is to process the raw telemetry data from the network and transform it into a format that can be leveraged by powerful systems like these.

Try It Today!

If you’re ready to unleash the power of model-driven telemetry, head on over to github and check out the Pipeline repo.  And if you need some help getting started with MDT, be sure to check out our tutorials.  It’s time to discover what big data analytics can do for your network.

Authors

Shelly Cadora

Technical Marketing Engineer


In our era of digital revolution, speed is the name of the game. From the rapid release of innovative products, solutions, and ideas to the constant emergence of new business possibilities, things are moving fast.

Staying competitive in today’s marketplace means always being ready to seize opportunities as they arise. How can IT enable the business to do this? What do digital leaders need to be doing now so their organizations can be ready for tomorrow? And, as we move forward, how do we ensure that our security moves forward too?

There’s only one place to take questions this big: to the experts in a #CiscoChat. At the end of last month, we gathered together professionals from Cisco and beyond to help us find some answers. Below are some of the highlights that emerged from our contributors during the chat:

Question 1: What is IT’s role in enabling digital transformation?


 

Question 2: What are IT leaders’ concerns when enabling #digitization in their organization?


 

Question 3: What is the most important aspect of a digital-ready network?



 

Question 4: Do you think your network is secure against ever-evolving threats in the era of digital transformation?

 

Question 5: What would it take to convince your boss to take on the digital journey?

 

Question 6: What are some innovations that can ensure that your network is already digital?


Special thanks to those who participated and made this such a fun and insightful #CiscoChat! We look forward to continuing the conversation. Join @CiscoServices and @Cisco_IoT on Wed, April 5th at 11AM PST to talk about benefits and obstacles on the way to digitization through IoT.

Authors

Denise Denson-Hanson

Marketing Manager

Enterprise Solutions Marketing - Services


The world is becoming more digital at an unprecedented pace. We are blessed to be living in one of the biggest inflection points not only in the business world but also in human history. Companies with digital-ready networks today are growing revenue, profits and customer retention 2 to 3 times more quickly¹ than those with legacy networks, and the number of digital-ready networks globally will triple over the next two years¹.

There is no doubt that we live in a world where you have to disrupt or be disrupted. In this new reality the network is emerging as a potential bottleneck to achieve digital transformation, because most networks have not kept up with this pace of change. Over the past 30 years, networks have been built for connectivity, and operation and management can be manual, complex and rigid. So far they’ve done the trick. But with the perfect storm made up by mobile, cloud, social, analytics and IoT trends, these legacy networks just can’t scale. We’ve undoubtedly reached a tipping point.

Today, about 90% of network investments are for maintaining operation and completing mundane tasks, and only 10% is about creating value. No innovation. So the name of the game is ripping up the old playbook and creating smarter networks where automation, analytics, virtualization, security and simplified management are the hallmarks of new, smarter networks. These new technologies will help customers unleash innovation in a more effective way.

As companies go through their planning process to become digital-ready, several critical areas they have to address come to mind:

  • Where should they focus people, budget and time?
  • How can they get the most out of their new technology investments and optimize what they have today?
  • What gaps do they address first and why?

Companies never purchase technology to store it in a warehouse somewhere. They want to be digital-ready to increase their revenue, reduce cost, decrease their risk and get to market faster than their competitors.  But they need to design, implement, and manage their new technology while keeping their current network operational and stable. More often than not they will need expert help to achieve these goals.

With this in mind, we at Cisco have designed an Advisory Service to help our customers create a strategic plan to achieve their objectives while maintaining a stable and secure network during their transition. We called it Cisco® DNA Advisory Service. We work with our customers to understand where they want to take their business, and then build a roadmap to get them there, encompassing technology, processes and people. We’ve identified eight primary areas to address during the transformation and mapped out how each area contributes to the overall success of the project. We called this framework DNA 8.

Cisco DNA 8 Framework

Built over 30 years of expertise, this approach enables our customers to make better business decisions so they can prioritize investments and use their limited resources more wisely.

What benefits can our customers expect by investing in building a robust strategy first?

  • Accelerate network transition while maintaining a stable, secure network through the process
  • Reduce risk and save valuable time with expertise and proven methodology with a holistic approach to address gaps, identify dependencies, and prepare their resources
  • Increase operational and network visibility to make it easier to uncover and prevent issues
  • Reduce OpEx by promoting consistency and standardization across their environment
  • Improved capabilities and operational practices to support innovation projects enabled by their digital-ready network

The move to digital has companies scrambling to master new business models, new processes, and new threats in ever-shorter time frames. Deep knowledge and expertise is critical for a successful transformation project and very few companies possess all that expertise in house, so expert help is critical to make extraordinary things happen.

I invite you all to learn more about our Cisco® DNA Advisory Service at cs.co/dnaadvisor.

What are the main challenges you are facing today to design your digital transformation strategy?

Share your comments and stories in the section below!

 

¹ IDC White Paper and Infographic, sponsored by Cisco, “Is Your Network Ready for Digital Transformation,” January 2017

Authors

Roberto Arenas

Sr. Mgr Americas Marketing & Communications Services

AMC – Americas Marketing & Communications


Internet of Things (IoT) is the term du jour. As adoption increases, the natural question becomes: how has it been secured? To understand an effective security strategy for IoT, we first need to understand where the value from IoT is generated. The ability to use data, collected from a variety of locations and sources, to drive decision making is a key asset of the IoT and one that will help organizations to reap the financial benefits it promises. Whether pulling information from sensors on an oil rig in the middle of the ocean or accessing extremely time sensitive data created by machines on manufacturing floors, it’s the ability to respond strategically, supported by data-driven decisions in the moment, that creates real value.

When we see opportunity for value creation, we know two behaviors are destined to follow. First, businesses will attempt to capture that value through individuals innovating, solving problems for customers and otherwise improving profitability and/or capabilities. Secondly, so will criminals. If you want to see how aggressively criminals chase value, look at some of our reporting on the targeted bitcoin phishing campaigns. What is clear is that cybersecurity is set to be the issue that slows businesses down in capturing the value made possible by IoT.

“An IoT system will only be as secure as the most insecure component in the system.”

This statement is made repeatedly by security purists and is focused on the wrong goal. The goal is not to be secure. The goal is to be resilient. It is true that a critical vulnerability in a solution can certainly change the security posture of the organization using it. However, by understanding that a single insecurity in a component of a system is possible – and maybe likely depending on the device – it can be addressed by understanding the system wide security posture and how vulnerability is handled. Which systems are built with fundamental security (i.e. secure development lifecycles, secure boot, image signing, and runtime protections) and which are not? Which are actively managed and quickly patched, and which are not? What threats will the system face throughout its lifecycle?  What environmental threats will it face? For example, a connected home will face different threats than a nuclear power plant. All of these factors contribute to a strategy for both IoT resilience and resilience in the value created by IoT.

Since the IoT is so data driven, how that data is protected and its associated privacy also plays a critical part of the discussion. It’s important that products and solutions are designed in a way that properly handles data security and privacy throughout the whole solution – from source (sensors) to processors to consumers of that data (a machine or person). Security and privacy should not be bolted on as an afterthought in IoT, but built-in from the beginning.

Intuitively, the mantra becomes: “security for IoT isn’t just about the thing. Security of IoT is about the whole system.”

With that in mind, three fundamental points help frame the discussion:

  • Security must be an enabler. IoT will bring scale and that scale will drive management costs and new complexities that will immediately put tensions on security, data protection and privacy. Without building security in from the beginning, solutions will quickly evolve to meet business needs and security will be left behind.
  • Every piece plays a part. Every component of the solution has a minimum bar. Things must have foundational security, data protection and privacy built in. The networks that connect and manage those things must pick up the slack on security by having higher levels of resilience and knowledge about things. The data consumers must robustly protect privacy.  Every part of the system has a role to play.
  • Everyone needs to get into the act. Who is deploying IoT in your enterprise? Your facilities management people, your value chain organization, your lines of business. This is not “just” an IT security conversation anymore. Multiple stakeholders are making decisions about deploying IoT projects, which means everyone needs to be thinking about security.

An overarching theme is one of collaboration and partnership. We are all in this together.

In follow on blogs, we’ll talk about these three fundamental elements in more detail and propose solutions for how to address each. Please join the discussion with questions and comments.

Authors

Anthony Grieco

SVP & Chief Security & Trust Officer

Security and Trust Organization