In the stores of tomorrow, phones will replace cashiers. In the fields of tomorrow, connected crops will solve global food challenges. In the factories of tomorrow, connected robots will work together autonomously. This is the near future, and in some cases, these activities have already become reality. However, delivering these innovations and new experiences requires a strong digital foundation. That means connecting people, processes, and things. According to Cisco VNI, 49% of global traffic in 2020 will be Wi-Fi based. For a digital organization, digital success is realized or lost at the first line of defense for connecting things and data.
With Cisco® Umbrella Wireless LAN (WLAN), we’re able to combine the power of the network with advanced security—allowing you to thrive in the era of digital transformation.
Cisco Umbrella WLAN brings the power of Cisco Umbrella to the entire Cisco WLC portfolio (Cisco WLC 2504, 5508, 5520, 8510, and 8540 as well as the Wireless Services Module 2). Comprehensive security coverage across Cisco’s extensive WLC portfolio is now available with a simple software upgrade to AireOS 8.4.
What can Umbrella WLAN do for you?
It’s all about granularity for the Wi-Fi network and visibility, as in identifying internet threats and their evolution. Umbrella WLAN provides granular enforcement and reporting at SSID, client location, client user role and WLC level. Tailor acceptable use policies at a level that makes sense for your business.
Umbrella WLAN enforces security at the Domain Name System (DNS) layer, which means you can block requests to malicious domains and IPs before a connection is ever made.
Umbrella WLAN learns from Internet activity patterns to uncover and predict threats. The huge volume of DNS requests from millions of users around the world (100+ billion requests per day) that Cisco resolves provides a very diverse data set. Umbrella WLAN applies statistical models to that data set which allows Cisco to identify where current and future attacks are staged on the Internet.
Deploy and Protect in Minutes
Whether you’re seeking to secure the Internet at one hotspot or several thousand, Umbrella WLAN can be deployed quickly and managed easily through a centralized web-based dashboard. The ability to map business functions to policies is easy and intuitive enabling the network to evolve rapidly to changing business needs. Security is enforced without added latency so the end user experience is not impacted.
Umbrella WLAN lets you simply secure your wireless environment by providing a first line of defense for all your users. For more information, visit the Umbrella web page or take a look at the At-A-Glance.
I trust you are all ending the week on a high note. We certainly feel like we did!
We are delighted with the interest in the new Cisco RV340 Series VPN Routers. We are getting requests worldwide, even here, on our Cisco Blog.
Our team was in Melbourne for Cisco Live this week. The show was outstanding with great information, new products, and the best attendees!
We were there to show off our new Network Monitoring and Management platform called Cisco FindIT. Dave, Helena, Ani and Sohaib manned our Cisco START FindIT booth. You can see they are a sharp-looking crew!
Cisco FindIT was the star of the show, along with our SG250 Smart Switch, RV320 Dual WAN VPN Router, and WAP571E Outdoor Wireless Access Point, and finally the WAP150 Dual Radio Wireless Access Point. We showed off FindIT’s ability to monitor and manage our networking devices making overall network management easier, better, and faster. As you can see, they presented a nice set-up environment in our booth.
Yesterday, our Product and Market Strategy Team visited our friends at Newegg. We showed them our new Cisco SG350 Managed Switches, RV340 Series, and newest wireless access points including the WAP571/E, WAP150, and WAP361.
Our stack of product ready to show to Newegg!
Finally, the team would like to announce our second winner for our Cisco RV340 Series Contest. Manny Correia from Warwick, Rhode Island is our second week Prize Winner! Manny will receive our care package next week. Congratulations Manny!
The contest officially ends next Monday. Make sure to put in your entry daily!
Click here for the original Cisco Contest Blog. Scroll down for the Contest Quiz link.
Stay tuned here for upcoming news and products! Have a great weekend,
As more and more service providers and enterprises invest in Network Function Virtualization (NFV), the fast-evolving and maturing NFV technology poses special challenges for those who are looking to not only perform a proof-of-concept, but also operationalize their NFV initiative, and ultimately offer services to their customers.
If we consider the industry’s vision of NFV deployment as specified by ETSI, it says you should be able to pick an NFV component from each vendor, and assume these would work together seamlessly. The reality can be far from it, and this post will explore what you need to consider in your NFV deployment initiative, with a deeper dive in the area of NFV Orchestration.
Given that NFV standardization is not yet the reality, you need trusted vendors who can help you navigate the deployment and certification challenges, while still understanding if their recommendations are in alignment with your own long-term business goals. It is important to do so, because the NFV market is not yet mature. You may be able to work with one vendor that solves your problems today, but this vendor or their technology goes the way of Betamax tomorrow.
Technology Landscape: The standard specifies that an NFV orchestrator (NFVO) needs to support on-boarding, lifecycle, resource and policy management in VNF deployment. However, many VNFs do not comply with a standardized interface (APIs or files) for provisioning and license management.
Some of the NFVO solutions in the market let you write any custom scripts you want to on-board each VNF. That may get you through proof-of-concept, but you risk ending up with a pile of unmaintainable provisioning scripts just as you do now with your physical network functions (PNFs).
The most pragmatic requirement to give your vendors now is to require that their NFV Orchestrator can on-board VNFs using standard descriptor files (e.g. VNFD), and that they have a concrete plan to address progressively the remaining NFVO requirements.
Component: VNF Manager
Technology Landscape: The VNF Manager provides lifecycle management for VNFs. As a product, it also suffers from the immaturity of VNFs. As many of the VNFs have their specific methods for provisioning and lifecycle management, they often require a specially coded VNFM (s-VNFM). As you consider deploying more services based on VNFs, you are looking at a world with many s-VNFMs, which can be a pain to operationalize.
We already have customers asking us to give them a generic VNFM that works with ETSI-standard compliant VNFs, so they can run only one VNFM for VNF lifecycle management. They are also asking their VNF vendors to quit being “special” in how the VNFs are provisioned.
Technology Landscape: Many service providers started out thinking that by adopting OpenStack, they could have a VIM that is free of license cost and supports their broad NFV initiatives. Then they realized that the VNFs and even their management tools are sensitive to the OpenStack distributions as well as release versions.
Here you really need to pick a VIM that your VNF vendors support, that has a life ahead of it, and that you will be able to hire people or find a vendor to support.
Knowing that our customers face these challenges, we build Cisco’s NFV product offerings to address their needs. These solutions are certified to work together, but at the same time, have also been deployed as standalone products integrating with other vendors’ NFV Orchestrator, VNFM and VIM.
Cisco’s NFV Orchestrator solution is built on Cisco Network Services Orchestrator (NSO), enabled by Tail-f and Cisco’s Elastic Services Controller (ESC). Continuing the tradition of Cisco NSO as a multi-vendor orchestration technology, the Cisco NFV Orchestrator solution has been proven to on-board simple and complex (multi-VM, multi-virtual deployment units) VNFs from over 20 vendors, supporting a broad range of VNF functions, including routing, vEPC, vPCRF, vIMS, load balancer, firewall, session border control and other security functions. Cisco also offers an NFV Infrastructure (NFVI) solution based on OpenStack that has been hardened to support NFV requirements.
You might ask how the Cisco NFV orchestration solution manages to support so many vendors and such a broad range of functions. We work with our customers, our partners, as well as industry certification bodies:
Aligning to standard body and 3rd party testing regimes
We achieve this by supporting the ETSI MANO guidelines, and continued testing with partners and customers
Successfully orchestrated VNFs from multiple vendors at ETSI’s NFV Plugtest in February 2017 (stay tuned for formal results expected to be announced shortly).
Independent third party interoperability testing conducted by EANTC with multiple third party VNF vendors
To enhance Network Functions Virtualization (NFV) adoption, Cisco signed a Memorandum of Understanding with Ericsson, Huawei and Nokia to create the NFV Interoperability Testing Initiative (NFV-ITI)
VNF testing by Cisco or partners
Cisco has a partner certification program in collaboration with Intel to test 3rd party VNFs on Cisco NFVI using Cisco NFV Orchestration (NSO/ESC)
Cisco is enabling ecosystem partners like WWT to facilitate a comprehensive customer-led VNF testing and performance characterization
Finally yet importantly, Cisco’s VNF Manager (ESC) is VIM-agnostic, allowing you to deploy your VNFs to any cloud anywhere. This is important as NFV orchestrators gain the smarts to allocate VNFs to different VIMs based on policies or resource availability. Choosing ESC helps to future-proof your NFV orchestration solution stack.
As we wrap up this discussion of NFV deployment and orchestration, what we would like you to take away is that the state of the MANO stack is still evolving. The ETSI MANO standard provides guidelines, but until recently has often been challenging for Service Providers to operationally execute against. Many of the earlier NFV proof-of-concepts have probably been built with one-off scripts and manual processes. However, the technology of NFV is finally mature enough to onboard VNFs in a standard-compliant process. We at Cisco think this is an exciting milestone in operationalizing NFV.
Find Out More
To learn what Cisco Network Services Orchestrator and Elastic Services Controller can do for your business, visit www.cisco.com/go/nso.
To find out more about what Cisco’s NFV Infrastructure (NFVI) solution can do for your business, visit www.cisco.com/go/nfvi.
For many people, learning is best done in the classroom. But what if, either because of illness or geography, a student can’t be in the classroom? The next best thing is creating a connected learning environment. At Australia’s Open Access College (OAC) in Adelaide and Port Augusta, more than 200 instructors are leading lessons to classrooms of students who aren’t physically there. And Cisco is making that experience better.
Originally the OAC was using audio conferencing to deliver lessons to their students. This proved to be too expensive (the annual phone bill was over $1.2M USD, or $1.5M AUD), and the interaction was only one-way. The Australian government mandated that the OAC cut their spending by a third.
Enter Cisco. With a new infrastructure made up of Cisco Aironet 2700 Series Access Points, Cisco 5520 Wireless Controllers and Cisco Catalyst 2960-X Series Switches, the OAC had the tools in place to introduce the Cisco WebEx Training Center. Cisco WebEx isn’t anywhere close to a traditional, static audio conference where one person speaks and the other listens. Those sorts of interactions are boring at best and completely ineffectual.
With Cisco WebEx, the experience is more hands-on and interactive as teachers and students are able to share resources, including visual materials. Participants are able to see each other’s desktops and can use the whiteboard function to make sure that students are understanding the material properly.
The best part of the new Cisco solution is the cost savings: the OAC more than met the government’s demand of slashing their budget by 33 percent. In fact, with one annual Cisco WebEx subscription, the school cut its phone bill by over 96 percent per year.
It’s not just the big money savings that’s nice. With the Cisco wireless solutions in place, educators are able to move freely about the campus knowing that they have a reliable connection. They are able to offer a more enriched educational experience knowing that they aren’t tied to one singular location.
For more on the OAC, please read the entire case study here.
For NYU campuses around the world, protecting data and connecting staff and students is now a reality.
Connecting university campuses around the world can be complicated. Critical research needs to be both available and secure. Different countries require different compliance. And you have thousands of students, staff, faculty and guests accessing your network. For a system they could rely on, NYU Shanghai asked our partner in Greater China, ECCOM, to help integrate them into the global NYU network.
ECCOM says…
New York University in Shanghai is the first Sino-US joint venture with independent legal status that’s been approved by the Ministry of Education in China. It’s part of NYU’s global network that also includes a site in Abu Dhabi and its original campus in New York City. Connecting these universities with each other presents a big security challenge. Not just from a network security standpoint – handling mobile apps, BYOD, staff, students, and branches around the world. But the research different departments are doing needs to be both shareable and protected.
As one of Cisco’s biggest partners in China, our experience gave us the expertise to build a solution that could grow with NYU Shanghai. Using Cisco Enterprise and Security, we took a systematic Information Security Lifecycle approach to establish a sound security management foundation, building NYU Shanghai an IT infrastructure that can respond to any security challenge.
The story doesn’t stop there.
More stories on what our customers and partners are doing all over the world.
The Internet of Things (IoT) is accelerating digital transformation by enabling industries to evolve in the digital age. That’s why Cisco’s IoT team, along with the Digital Manufacturing, Utilities, and Transportation groups, took to the Cisco Live Berlin show floor to exhibit our latest industrial products and solutions.
To articulate what IoT means in the context of industries, we featured a Virtual Reality video demonstration that enabled customers to visualize how the Cisco IoT portfolio creates optimal business outcomes in the manufacturing, utilities, and transportation industries.
“The reality is that IoT is about the people using it – the people on the plant floor that are using IoT to make business outcomes happen,” said Maciej Kranz, Cisco’s Vice President of the Strategic Innovation Group, during his speaking session. Maciej spoke to the key benefits of deploying IoT infrastructure in industrial settings, including connected and remote operations, preventative maintenance, and predictive analytics. “Focus on the problem and try to solve it using IoT,” he said, reminding users to stay away from using a pre-built solution and applying it anywhere.
Our Digital Manufacturing demonstrations helped customers visualize plant floor insights and operational efficiencies. These demonstrations included Industrial Network Director, IOx and Fog Applications, Location Based Services, and the Asset Management Suite. Additionally, Cisco’s leadership in developing industry standards for time critical applications was on display with Time Sensitive Networking.
A Utilities demonstration showcased how an electrical utility can protect critical infrastructure in a power generation plant or substation by leveraging Cisco’s industrial security appliances, specifically the ISA3000 firewall. Another demonstration was Field Network Director, which manages and provides visibility into field area networks.
Digital Transportation demonstrations presented insights for connected mass transit for both operational and onboard solutions, featuring an array of connected devices such as the IR829, IE 2000, IW 3702 Access Point, and IP 67 cameras.
Cisco’s IoT portfolio is a comprehensive suite of products, solutions and services providing connectivity, security, automation, and insights from the fog to the cloud that organizations can deploy today. Be sure to check out digital solutions demonstrations on June 25th at Cisco Live Las Vegas.
Next week’s NCSA Nasdaq Cybersecurity Summit in New York will focus government and private sector leaders on two priorities—developing a strategic approach to combating pervasive cyber threats and creating a culture of cybersecurity across enterprises. These are critical issues that Cisco is addressing head-on, and we are excited and proud to be a part of this important event.
Cisco’s 2017 Annual Cybersecurity Report unveiled startling insights into the damage that breaches are inflicting: 22 percent of breached organizations lost customers and 29 percent lost revenue, with 38 percent of that group losing more than 20 percent of revenue. Those are big hits, and such high stakes demand a strategic, proactive approach to defense rather than the reactive responses commonly seen.
There are three elements necessary for a comprehensive cyber strategy:
Get the Board on board
Board-level support is essential, and corporate executives must be prepared to make their case for it. Board directors should be asking their leaders about people and process as well as technology and policy to ensure a comprehensive cyber resilience strategy.
People and Process:
Are we evolving our culture (talent, skills, training, and adaptability)?
Do we have a process for continuous improvement for cyber resilience?
Do we have formalized response processes and capabilities?
Are core business and financial processes adequately secure and how do we know?
Are we using the right metrics to determine effectiveness of efforts?
Technology and Policy:
Have we performed a thorough cyber risk assessment of our use of technology?
What is our current level of cyber risk, and its potential business impact?
Are our systems of controls equal to the risks?
Is our cyber resilience strategy focused on our business objectives, protecting our most critical assets and providing business continuity?
How does our cybersecurity program apply industry standards and best practices, and compare with industry peers?
How do we measure our program’s effectiveness?
Answering these questions involves substantial effort, but the results will provide a solid foundation for the cyber resilient architecture that will be needed as companies invest in new technologies.
Securely Approach Digitization
An organization and its Board must understand that the business will digitize and use technology rapidly in order to keep the business agile – it is inevitable. Organizations must seize the opportunity to look at this digital disruption to hone focus and investment on associated security risks and challenges. While digitalization creates and expands business opportunities for organizations, evaluating the security considerations must be an essential part of the process. Savvy organizations are shifting from merely focusing on cyber security controls to building cyber resilient architectures that can stand up to today’s attacks. With such an architecture, a compromised system will resist failure—but if it is forced to fail, it will do so gracefully. Visibility across the network will enable the system to sense if it has been compromised, respond quickly and recover to an operational state.
For the last several years, Cisco has diligently pursued a secure digitization strategy that incorporates simplifying our processes based on targeted strategic outcomes, automating the specific technical architecture we need, monitoring our core processes to leverage analytics for machine learning, and continually innovating through collaborative technologies.
Create a Corporate Culture of Cybersecurity
As discussed in a previous staysafeonline.org blog post, cybersecurity must be part of everyone’s job. While previously considered to be “something the information security team does,” companies need to focus on making it part of everyone’s job. At Cisco, we’ve employed several successful education initiatives that have woven cybersecurity into the fabric of our company. Practices such as our Security Ninja Program are helping our employees understand the role they play in the overall security of our products and our customers’ data.
Understanding that there will always be budget and talent constraints, businesses must focus on relentless improvement measured via efficacy, cost and well-managed risk. Security must be an organizational priority – with commitments to training, evaluating the effectiveness of cybersecurity investments, and institutionalizing best practices and safeguards to minimize risk against current and emerging threats.
Monday’s summit will be streamed live on the NCSA Facebook page. You can also join the conversation on Twitter using #CyberAware.
From outdoor geolocation and asset tracking to a connected mouse trap, LoRaWAN™ is all about making connections and powering innovation.
They say if you build a better mouse trap the world will beat a path to your door. But what if you could connect that mouse trap with a disruptive radio access infrastructure? An infrastructure that enables entirely new kinds of battery-powered devices to communicate over private and public networks. This is the promise of LoRaWAN technology. The key arguments for LoRaWAN are: it is easy to install, deploy and use; it has a strong open eco-system based on free specifications; it offers a wide variety of devices with long battery life; it runs over unlicensed frequency bands – enabling private and public services with long range communications; and it supports authentication and encryption worldwide.
According to SNS research, by 2025, almost half of Internet of Things (IoT) Machine to Machine (M2M) wide-area connections will make use of Low Power Wide Area (LPWA) technologies, primarily as a result of ease of connection and simple backend infrastructure, wide coverage, low power consumption, and low cost. LPWA networks are expected to make a significant contribution to the M2M and IoT ecosystem, with an estimated $27 Billion in service revenue by 2020.
This opportunity led business leaders to create the LoRa Alliance, which is a non-profit association that standardizes an unlicensed LPWA technology: LoRaWAN. It is being deployed around the world to enable IoT, M2M, smart city, tracking and logistics, smart agriculture and other industrial applications. Cisco is one of the founding members.
In October 2016, Cisco rolled out the second generation of the Cisco LoRa gateway and continues to work with partners to build a full-fledged LoRaWAN solution for Service Provider (SP), Smart City, and industrial customers.
At Mobile World Congress (MWC) 2017 in Barcelona, Actility, a Cisco ecosystem partner, announced the availability of a comprehensive geolocation and tracking solution platform offering breakthrough network-based location capability enabled by Cisco LoRaWAN network gateways and infrastructure. The ThingPark Location Service will be available to IoT solution providers and enterprise developers. “We believe that accurate location combined with LPWA networks are a game-changer in the logistics sector, delivering a revolution in precision and efficiency of resource and supply chain management,” explains Actility CEO Mike Mulica. Cisco has integrated Actility ThingPark offerings with the Cisco IoT Connectivity portfolio to accelerate worldwide LoRaWAN deployments.
The joint demo showcased at MWC consisted of six Cisco IR829 and IXM LoRaWAN Gateways deployed in the Barcelona port, which interfaced with the ThingPark Network Server. New asset trackers from Abeeway (an Actility partner) were used either in fixed locations or on board vehicles. Each tracker reported its location as seen by GPS (green), LoRaWAN (red), and Wi-Fi (grey).
Additionally, last month in Berlin, Cisco showcased several other use cases. One scenario showcased how collaboration tools can be combined with IoT applications to deliver better service and just-in-time information. IoT devices managed through Cisco Asset Management reported events over LoRaWAN, which then triggered monitoring of the unit through video streaming and actions in a Cisco Spark room.
Oh, and let us not forget about the connected mouse trap showcased at MWC 2017.
For more exciting solutions, please join Cisco Internet of Things Group and our ecosystem of partners at Cisco Live US and see what new innovations we have planned for you.
In my earlier blog post, I described the need for pervasive security and architectural approaches to enable secure, agile services against increasingly sophisticated attackers. Pervasive security is critical to the Open Network Architecture (ONA).
But what does pervasive security actually mean? Since a picture is worth a thousand words, let’s represent this graphically.
As stated earlier, the focus for traditional Service Provider security models has been on enforcement methods across the layers, and these remain a critical foundation to the successful security architecture. The other key component of the pervasive security model in the Open Network Architecture is Visibility. The key lesson we outlined earlier is that a successful security strategy requires the ability to understand what is happening inside our networks, both at the perimeter and within. After all, you can’t protect what you can’t see! Since each layer on the ONA performs a different task, it is critical for visibility to include each layer in order to gather as much data about what is actually happening on the network as possible.
Now, all that data isn’t useful without context or meaning. The Policy and Segmentation layer of the security architecture refers to the understanding and rules regarding the way services work and such matters as who is allowed to talk to whom? What are they allowed to talk about? How are they allowed to talk? And when are they allowed to talk? This can be for anything from endpoint communication, through network hosts, servers or even the cloud, across defined segments or within them. This then allows us to understand what should be happening on the network.
The Service Provider is now in the situation of knowing what is happening as well as what should be happening on their network. It is logical to compare these two things to provide context and understanding to the data collected, and to provide monitoring of policy violations. This analysis can then be enriched through threat intelligence feeds, which provide information about known threats and events seen by other Service Providers, as well as techniques like behavioral analysis, which define the baseline behavior and identify deviations from this typical behavior.
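The comparison described above, sketched as an added example (not Cisco code or part of the original post): observed flow records are checked against a default-deny segmentation policy expressed as who, to whom, how, what and when, and then enriched with a threat-intelligence list. The segment names, rule format, addresses and sample flows are all constructed assumptions.

```python
"""Compare what is happening (flows) with what should be happening (policy)."""
from dataclasses import dataclass
from datetime import time


@dataclass(frozen=True)
class Flow:
    ts: time        # time of day the flow was observed
    src_seg: str    # segment the source belongs to
    dst_seg: str    # segment the destination belongs to
    dst_ip: str
    proto: str
    port: int


@dataclass(frozen=True)
class Rule:
    src: str                      # who is allowed to talk
    dst: str                      # to whom
    proto: str                    # how
    port: int                     # about what (service port)
    start: time = time(0, 0)      # when: window start, inclusive
    end: time = time(23, 59, 59)  # when: window end, inclusive

    def permits(self, flow: Flow) -> bool:
        if (self.src, self.dst, self.proto, self.port) != (
            flow.src_seg, flow.dst_seg, flow.proto, flow.port
        ):
            return False
        if self.start <= self.end:
            return self.start <= flow.ts <= self.end
        # Window wraps past midnight, e.g. a 22:00-04:00 maintenance slot.
        return flow.ts >= self.start or flow.ts <= self.end


def analyze(flows, policy, intel):
    """Return [(flow, reasons)] for every flow that needs attention.

    Default deny: a flow that no rule permits is a policy violation.
    A destination on the intel list is flagged even if policy allows it.
    """
    findings = []
    for flow in flows:
        reasons = []
        if not any(rule.permits(flow) for rule in policy):
            reasons.append("policy-violation")
        if flow.dst_ip in intel:
            reasons.append("threat-intel-match")
        if reasons:
            findings.append((flow, reasons))
    return findings


# Constructed policy: hypothetical segments and services.
POLICY = [
    Rule("subscriber", "dns", "udp", 53),
    Rule("subscriber", "internet", "tcp", 443),
    Rule("mgmt", "core", "tcp", 22, time(22, 0), time(4, 0)),
]
# Constructed threat-intelligence entry (documentation address range).
INTEL = {"203.0.113.66"}
# Constructed flow records.
FLOWS = [
    Flow(time(9, 15), "subscriber", "dns", "192.0.2.53", "udp", 53),
    Flow(time(9, 16), "subscriber", "core", "192.0.2.10", "tcp", 22),
    Flow(time(23, 30), "mgmt", "core", "192.0.2.10", "tcp", 22),
    Flow(time(14, 0), "mgmt", "core", "192.0.2.10", "tcp", 22),
    Flow(time(10, 5), "subscriber", "internet", "203.0.113.66", "tcp", 443),
    Flow(time(10, 6), "subscriber", "internet", "203.0.113.66", "tcp", 8443),
]

if __name__ == "__main__":
    for flow, reasons in analyze(FLOWS, POLICY, INTEL):
        print(f"{flow.ts} {flow.src_seg}->{flow.dst_seg} "
              f"{flow.dst_ip}:{flow.port}/{flow.proto} {', '.join(reasons)}")
```

Each finding is the input to the enforcement step: the reasons tell the operator whether the fix is a policy change, a block on a known-bad destination, or both.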
Once anomalies or threats are identified by analytics, the Service Provider can then make changes at the enforcement layer to mitigate the threat. This might be anything from selecting a more secure service from the catalog, to spinning up a new security Virtual Network Function (VNF), to changing a firewall ruleset, Domain Name System (DNS) or File Policy. It can even be something as simple as shutting a port.
Working together, these layers provide a pervasive and holistic security architecture that scales to the demands and challenges of the next generation of Service Provider networks. By adopting such an architecture and selecting products and technology for implementation at each layer, Service Providers should be ideally placed to provide secure and agile services, and to face the challenges of the future.