On the heels of a very successful Partner Summit, it’s clear that our partners continue to “own IT” and are viewed as the best in the business. Through the years, Cisco has also built a reputation as a world-class selling organization. But as the subscription economy emerged a few years back, we saw business models change dramatically, with software and SaaS moving to the forefront. The seismic shifts that began to unfold made it necessary for us to transform our approach not only to selling, but also to customer engagement.
Join us for the next SuccessTalk webinar, Digital: It’s Now Or Never, to learn how your organization can reach customers in the digital space.
We’ve found that in the subscription economy, what matters most to our customers happens after the initial sale and spans across the entire customer lifecycle. In fact, “land” has become just the first step in a more robust engagement process. Today, it takes a focus on the entire customer experience (CX) – across the “land, adopt, expand and renew” stages – to fuel a partner’s ability to grow. Taking it a step further, a 2016 SiriusDecisions study shows that B2B CX “isn’t just important to customer growth, retention and advocacy – it can truly make or break a company’s success.”
Several large-scale pilots we ran last year at Cisco validated the importance of focusing on CX and the customer lifecycle. One of the offers included in the pilots was our Collaboration Enterprise License Agreements (ELAs). Renewal rates for the ELAs were low – at only 63% — and we knew they should be well above 90%. So we went to work to improve those numbers. But our goal wasn’t to sell more renewals: instead we made it our mission to help our customers gain full value out of their technology investments including all the fantastic features and capabilities they might have been missing out on.
By nurturing customer success through stronger adoption, more renewals soon followed. In fact, at the end of the pilot program we hit a 97% renewal rate. Even better, we found that focusing on adoption not only caused renewals to skyrocket, but also prompted customers to invest in 19% more product on top of their previous purchases.
It’s Time to Get Digital
As we’ve witnessed the power of a lifecycle approach we’ve learned that the need to actively manage customer health and consistently engage with customers on their terms is essential to ensuring their future success – and ours. And because our customers are so diverse, it’s not surprising that their terms vary a great deal. Finding an effective way to personalize and scale out our conversations with each of them throughout the post-sale lifecycle has become critical. To address this complex challenge, Cisco has invested heavily in data science, analytics and automation and built a talented team of digital experts.
After talking to many of our partners throughout the year and most recently at Partner Summit, it’s gratifying to see that the investment is paying off. Cisco has made it a top priority to put the customer’s business outcomes first, and we’ve also made it a priority to empower our partners to do the same through data-driven platforms and programs, such as Lifecycle Advantage, and through the complimentary resources on our SuccessHub website.
As you plan, build, scale and monetize your own Customer Success practice, we invite you to tap into these tools to jumpstart your digital selling and engagement motions and future proof your business for the New Year and beyond.
To learn how to get in on the rewards of digitization and customer success, join the conversation on Nov. 14 as we hold our next SuccessTalk webinar, “Digital: It’s Now or Never.” Our top CX leaders will discuss how providing an immersive and unique digital experience can help your customers realize value sooner and keep them coming back for more.
Talk to any customer care or CRM industry vendor today and you’ll probably hear how they are enhancing their offerings with bots. If you’re like many people, your first reaction may be negative. But communicating with a machine may not be as bad as you think.
Bots are a trend in customer care due to many factors. These include their increasing capabilities and sheer novelty, but mainly it comes down to cost optimization. Companies will always look for ways to improve their profit margins, but this doesn’t necessarily mean replacing real people with bots.
Advancements in artificial intelligence enable bots to mimic humans. Yet we also know that complex interactions normally still require human agents. Let’s be real, nothing else matches the satisfaction level of a real human interaction — at least to date.
So how will these trends affect customer care agents? With bots capable of handling simpler tasks, agents can move to a role of expert/advisor. When customers get connected with a live agent after automated self-service, they are looking to talk to an expert. This trend is very visible where companies are hiring agents with more technical skills. And people like this aren’t always confined to the contact center. As a result, we see projected growth in at-home agents. Trends like these help us believe bots won’t replace human agents anytime soon, if ever.
Considering the above it makes one wonder whether we will soon see crowdsourcing of customer-care agents/experts. It’s starting to happen in verticals such as healthcare and financial services. You can crowdsource expertise based on a variety of factors, including need, time, and location.
For example, during tax season a tax consulting firm can onboard and offer crowdsourced tax experts for a set duration. The use cases can be many and varied across verticals. You just need imagination. For example, crowdsourcing can offer experts for college counseling, financial advice, basic medical care, and specialized technical support.
This also opens new areas of innovation. What might tomorrow’s expert routing, workforce management, regulation compliance, and expert training look like? How might crowdsourced agents be trained and informed?
Existing contact-center capabilities like precision routing and support for remote/home agents are steps toward formal crowdsourcing of agents. The agent experience is also a key element in this strategy. The Cisco Finesse agent desktop is designed to provide a great experience for customer support agents with a flexible and open interface.
Learn more about how Cisco Finesse can help you create a differentiated experience for your agents.
My path to cybersecurity looks more like a winding road than a straight line, but it’s the influential role models and valuable information I consumed with every turn that paved my path towards a career in cybersecurity – specifically privacy.
I fell into secure networking by chance. I was attending North Carolina State University and earning my degree in computer science when I watched Grace Hopper give a presentation on the speed of the internet. I was captivated by the information she shared and motivated that a woman was so knowledgeable on a topic predominantly practiced by men. After all, the majority of my classmates were male. From that moment on, I looked to Grace Hopper for motivation and was determined to break any barriers that held me back from my career ambitions.
After college, I worked in many facets of information technology, including mainframes, IBM protocols, VoIP, hardened routers and robotics, as well as various industries, such as government, sports and entertainment. I gained a wealth of knowledge on the inner workings of networks and different infrastructures, but it wasn’t until I was assigned to work on Cisco’s Trust Anchor technologies and the Cisco Secure Development Lifecycle (CSDL) that I found my passion for cybersecurity.
Develop Your Passion
As I learned more about the hacks and attacks that CSDL was defending, I realized my zigzags across Cisco’s technologies and business functions were coming together as a solid foundation to apply pervasive security. I had been working in security technologies and processes for five years working with strong role models such as Edna Conway, Michele Guel, and Cypriane Palma, when I came across a book written by Cisco’s Chief Privacy Officer, Michelle Dennedy – Privacy Engineering Manifesto. There,, my passion for privacy was solidified. Once I read it, I was all in and pushed to become part of the team working to embed privacy and data protection in our products, offerings, services, business applications and processes. I looked to Michelle as a leader focused on the innovations needed to protect and authorize the network data available globally. She, along with our collaborative team, set my sights on what is doable today and what is possible tomorrow. “Privacy please” is my Southern way of saying we have much to do to make digital opportunities a place of trust for each of us.
Seek Educational Opportunities
Looking back at my own experience, my advice for young women interested in a career in cybersecurity is to “be all in!” Constantly look for educational opportunities to strengthen your knowledge of the industry and attend various conferences and events that get you closer to today’s leaders. Learn from those leaders and begin to form the foundation of the leader you hope to be one day. Cybersecurity has so many facets and requires different skill sets to manage every component successfully. From traditional White Hat hackers to engineers to policy makers, there is an avenue best suited for you. It just takes the drive and determination to learn about the industry, follow influencers and determine where your talents and skills are needed. The industry is big enough for everyone with a passion to protect our world and defend our networks.
As much as we need to take charge of our own careers, it’s just as important for businesses to foster inspiring and collaborative work environments. Cisco developed its Inclusion and Collaboration initiative to harness the power of diversity and build a robust community of employees, as well as encourage its employees to continuously expand their career possibilities. Every time I think I’m finished with my career, Cisco opens up a new and exciting place to continue to learn, work with intelligent people and affect the world. Cisco’s empowering leaders and employee programs helped me succeed in an industry I am truly passionate about.
Cisco is a strong supporter of veterans, and we are committed to helping them transition to the civilian work force. On this Veterans Day, I’d like to thank all Cisco employee veterans for their service and recognize their valuable role in making Cisco a Military Times Magazine “2017 Military-Friendly Employer.”
Over the past year, we’ve focused on helping veterans find jobs in today’s digital economy through IT training and employment programs, as well as partnerships with local and state governments. Below, a snapshot of our major 2017 veteran initiatives:
Virginia Veterans Cyber Training Pilot (VVCT)
Organized by Cisco, this coalition of cyber-related training offerings from Cisco, Amazon Web Services (AWS), ISC2, Palo Alto Networks, and Fortinet is a free, online program for veterans who want to live and work in Virginia’s growing cyber industry.
“There are different opportunities offering various paths that include training and certification at no cost to veterans. Thanks to VVCT for providing real support to veterans. I am now CISSP certified! It’s truly awesome.” – Patrick Byrne, VVCT graduate
Since March, over 100 veterans have enrolled in the training, and a fourth cohort begins this month. Our goal is to train 200 veterans by the end of 2017, with the ultimate mission of connecting veterans to jobs in Virginia or fostering their continued IT security higher education.
Veterans Talent Incubation Program (VTIP)
VTIP offers free, online CCNA training, leading to employment at Cisco upon successful completion of the CCNA certification exam and a soft skills assessment. The program launched in August 2016 in Research Triangle Park (RTP) through a collaboration between Corporate Affairs, Human Resources/Talent Acquisition, and Cisco’s Services organization.
Since then, 25 graduates from the initial two classes have obtained jobs as customer support or networking consulting engineers at Cisco, and nearly 25 graduates from the third class are expected to receive Cisco job offers.
USO Metro Project Next S.T.E.P.
The Next S.T.E.P. program at Fort Belvoir, Virginia’s USO Warrior and Family Center, allows veterans the opportunity to learn new technical skills and prepare for competitive post-military employment. Started in 2016, 91 veterans have obtained their CCNA certifications through the USO.
Cisco Networking Academy
Since the inception of the Cisco Networking Academy in 1997, over 73,000 military personnel on 22 military installations have been able to develop and advance their IT skills, better equipping them for their roles within the military as well as career opportunities. In the past 12 months, over 24,000 veterans have been enrolled in a Networking Academy course.
NPower
NPower, a non-profit organization and NetAcad partner, creates IT learning pathways for veterans and young adults from underserved communities. Last September, Cisco CEO Chuck Robbins and HR VP Jason Phillips welcomed 60 NPower veterans from the Bay Area to Cisco’s San Jose campus.
Chuck was honored later at NPower’s gala in New York City on October 11 for his efforts in promoting diversity and education initiatives.
Meet Pete Sawyer, a military veteran using his skills to give back to military members and their families
VETS ERO members in San Jose, RTP, Ohio and Herndon recently sent 246 care packages to deployed U.S. Service members. In April, RTP’s VETS ERO members supported the Valour Wounded Warrior games in Raleigh. VETS ERO members also installed Cisco-donated Wi-Fi equipment at five Fisher House locations—Las Vegas, Tucson, Milwaukee, Fort Bragg and Houston—where military families can stay at no cost while an injured veteran is receiving treatment.
IT Awareness Day
With the support of the RTP VETS ERO, Cisco conducted an IT Awareness Day in March for veterans interested in IT careers. Nearly 75 veterans attended, and in September, with Arizona State University, Cisco conducted an IT Awareness Day at ASU’s Tempe campus. Approximately 250 attended virtually to explore careers in technology.
Cisco Veteran Hires
As part of Cisco’s participation in the Veteran Jobs Mission, we regularly report on Cisco veteran hiring outcomes. In FY17, veteran hires at Cisco as a percentage of total hires (US only) was 3.8%, an increase from 3.2% in FY16.
Cisco’s veteran programs are focused on bringing awareness to the value our veterans bring to the private and public sector, and providing veterans with job skills training and employment opportunities.
Subscribe to the CSR blog for more updates on Cisco’s efforts to accelerate global problem solving for people, society, and the planet.
Cisco Networking Academy has been changing worlds for 20 years. To celebrate this milestone, we are spotlighting some of the 7.8 million students worldwide who have benefited from this IT education and career building program.
Rayden Yongxiang Chia
Boston, Massachusetts
Current occcupation: Student, Massachusetts Institute of Technology (MIT)
Networking Academy coursework: CCNP Routing & Switching, CCNP Security
One word to describe his Networking Academy experience: Compelling
When he was only eight, Rayden’s parents got a hand-me-down computer from some relatives. “Like any other child, I started playing a lot of computer games,” Rayden says. He played so much, his parents put a password on it; Rayden hacked it, using research at the library. “That’s what spiked my curiosity,” he says. And that’s why he took Networking Academy courses in high school.
He says it helped him to focus on his future plans. “I foresee myself in some position related to information security,” he says. Rayden is especially interested in “penetration testing, which is basically breaking into systems” as a way to keep hackers out. He wants to test the system and look for flaws — just like the one he discovered on his parent’s computer, years ago.
Cisco Networking Academy has been changing worlds for 20 years. To celebrate this milestone, we are spotlighting some of the 7.8 million students worldwide who have benefited from this IT education and career building program.
Liliana Gamez Zavala
San Luis Potosi, Mexico
Current occupation: Full Time Professor
Networking Academy experience: Microsoft Office, MTA (Microsoft Technology Associate), HP ATA, CompTIA ++, CCNA, ITQ
One word to describe her Networking Academy experience: Evolution
Lily is a Networking Academy instructor because she wants to share her experience with a new generation of students. The Networking Academy, she says, is “very important” in finding good jobs in Mexico — and teaching lets her “change lives.”
She sees it time and again. Lily recalls one student who could barely afford her classes, but still persisted. Now, he’s working at a senior level at a factory in Mexico. She pushes her students and wants to see them all succeed, because once they finish with their education, “they can improve themselves.”
Pieter-Jan Nefkens is a Cisco Champion, an elite group of technical experts who are passionate about IT and enjoy sharing their knowledge, expertise, and thoughts across the social web and with Cisco. The program has been running for over four years and has earned two industry awards as an industry best practice. Learn more about the program at http://cs.co/ciscochampion.
=============================================
At one of the projects that I’m currently working on, confusion was rising around the terms Cisco DNA, DNA Center and the implementation of Cisco DNA Center. It didn’t take me much effort to clear up the confusion but it does provide the need for an explanation on Cisco DNA, DNA Center, Software-Defined Access, Network Function Virtualization, Analytics, Automation and Smart Networks.
Reason enough for me to write down my thoughts and vision on the ever emerging trends, developments, tools and changes that will come to the network world.
Cisco Digital Network Architecture (DNA)
Cisco Digital Network Architecture is not a product, it is not a solution, it is a vision on how a network infrastructure is designed and implemented to fulfil the needs of modern, digitized, environments. In recent years more and more companies have conformed to an architecture frameworks like TOGAF and work under these architecture frameworks. I might write another blog about architecture frameworks in the future.
From a TOGAF perspective, Cisco DNA is part of the technology architecture, for the network infrastructure.
In present day, the reliability and quality of a network is such a commodity that there is limited to no understanding that a relatively small change like adding a VLAN for a new network service, can have huge consequences and downtime if not executed properly, which can result in these changes take longer than perhaps necessary. Thanks to devops, agile development and digitization a huge pressure is put on IT departments to adopt and deliver faster to the organization, but of course without any reduction to speed, reliability and safety of the network infrastructure.
Cisco DNA represents an architecture for how network infrastructure can be designed in such a way that the network (as part of IT) can adopt faster to meet the requirements and pressure from the organization. The Cisco DNA architecture is based on the following principles upon which the solution model for the modern network infrastructure (design, implement and management) is built:
There is a layered approach with abstraction to this framework, so that each tool / process can fit in the right place. This way, an open framework is used where best in class can be placed at the right layer.
Design principle #1: Security everywhere
Security is essential in any environment, public or commercial. With the recent threats of ransomware, including Not Petya and other hacks no extra explanation is needed. A secure network is critical for the security of the data that runs through the organization. By using the network as a sensor and enforcer (the network sees all flows), the network infrastructure can support in analysing the threats and risks to the organization. So the network must become a sensor and enforcer in the security framework. Of course the before-during-after paradigm for a security framework assists in this design guide as well.
Design principle #2: Virtualize everything
SDN has become common in many organizations, where the control plane is separated from the data plane (software defines how data flows through the network). SDN was always restricted to the type of hardware that is in place, e.g. a switch doesn’t have router functionality, a firewall is not a router, etc. What if you could virtualize these network functions in such a way so that the software defines what role the hardware has, without impact on performance (hardware asics)?
This means that a network component can fulfil different network functions during its lifecycle, being a switch, a firewall, a router, a WAAS or any new network function that is invented. Based on this design guide that all network functions are virtualized, an SDN controller can truly control the behaviour of the network infrastructure
Design principle #3: Designed for automation
Design the network in such a way that automation can take place. Automation is key to fast, standardized, delivery of changes across the infrastructure. This can only take place if the network infrastructure is standardized on software releases and configurations.
For example, only when the voice VLAN on all branch locations is the same, can a generic standardized policy (and assignment) be created for voice devices.
Design principle #4: Cloud service management
Cloud has become a common part of many IT environments. Cloud applications have very high availability and capacity. By using the cloud one can define and provision network services (applications, services) and policies (who is allowed to do what) from a central environment. Of course there is choice to run this centrally managed cloud app in a public cloud or on premise, depending on the organizations requirements and cloud maturity.
Design principle #5: Pervasive analytics
Machine Intelligence, big data lakes, and analysis of microflows help with the prediction of failures in your network. By proper analysis, problems in performance or behaviour can be predicted in a proactive manner. As an example, we all know that when a client cannot connect, it’s always the network. But with pervasive analytics, telemetry reports that the DHCP server isn’t responding back on the DHCP requests, so it is more a DHCP server problem. The average time to resolve a problem and find a root cause can be reduced dramatically because pervasive analytics provide you the insight. Perhaps this design guide could be the best part of the business case for DNA, imagination is only the limitation to what can be done.
Design principle #6: DNA-ready infrastructure
On the bottom is the infrastructure layer, consisting of all network components like your routers, switches, firewalls and wireless controllers. It doesn’t matter if the equipment is physical or virtual like ASAv, CRS1000V, or NGFWv.
The features of DNA (faster delivery of services, detecting problems and increasing flexibility) can only be implemented if your network devices are also DNA-ready. In fact, almost all actual switches, wireless components, firewalls and routers are DNA ready. Proper life cycle management is supportive for this.
DNA Framework
Principles alone do not create an architecture, it also needs a conceptual framework in which the different elements come together for the solution that meets the requirements (both technical and from the business) and the design principles. The network infrastructure communicates, via open API’s, with two processes:
• Automation is responsible for the so-called day0 (provisioning of new equipment) and day1 operations (create, change, update or delete of services). These API’s could be implemented in different ways, although more and more devices supported NETCONF and YANG models.The automation block can be filled with different kind of tools, for example APIC for ACI, Cisco NSO or APIC-EM for campus networks. It is dependent of the organisation itself.
• Analytics tooling receives telemetry information from the network infrastructure, also based on open API’s. This could provide all sorts of metrics, like netflow, SNMP, Syslog, but also some API-related data like reading out TCAM’s or probes.
Analytic tools can use this data and configuration to analyse and extract threats, risks and performance trends. Of course, different applications can be used for analytics, such as Stealthwatch and ETA for threat analytics, or another analysis tool.
Above the automations and analytics blocks is a superordinate (like an umbrella) process in which the network infrastructure can be defined as applications, services and endpoints. This process, which is centrally located, is responsible for pushing the proper configuration templates to the automation process and translating the data from analytics for visibility and the quality of the endpoints connected to the network.
This solution architecture takes a network infrastructure quite some steps further than a validated collapsed core design, a Cisco SAFE architecture or a validated design for datacenters. It is much more a vision and abstraction model under which different network designs can be implemented. The principle thought is that every network is like a snowflake, all are unique, but with 80% similarities. Cisco DNA is used as basis for the Cisco Network. Intuitive and Intent Based Networking.
Model, Tools and technology
A model is one step, but that doesn’t bring any company to a network infrastructure ready to adopt changes faster and become a more predictive less complex network. For that, Cisco has announced (and available) several products and solutions, that meet the above mentioned model. Below is a list of products from Cisco with a short explanation on its role within DNA.
DNA Center
DNA Center was announced at Cisco Live Las Vegas in June 2017. DNA Center is the single centralized management interface for Cisco’s Intent-based networking solution. It uses templates based on Cisco best practices and validated designs to enable the configuration of Cisco products and using network automation for solutions like software defined access (SDA). DNA Center is the integration of the blocks automation, analytics and centralized tool in a single appliance (DNA Center Appliance).
Cisco Enterprise Services Automation (ESA)
This is a separate application that communicates with APIC-EM (automation) to realise network function virtualizations on Cisco NFV platforms (ENCS5400, UCS-E series). It is used to define, deploy, and manage these virtual services on the platform. It is logical that in time this will also be featured in DNA Center.
Campus Fabric / Software Defined Access (SDA)
Software Defined Access is a (scalable) solution for campus networks to quickly, reliably and easily define new networks, including security and microsegmentations. It is based on a logical layer3 network infrastructure for connectivity (underlay) and clients are connecting to virtual networks based on VXLAN for data transport and LISP for control. As VLAN’s are not used anymore, time to deliver new services is cut down dramatically and problems with STP and VLAN’s are history as there is no layer2 network anymore.
Cisco Network Services Orchestrator (NSO)
Cisco NSO is a Network Services Orchestrator, also an automation tool. NSO is the result of the acquisition of tail-f in which the network infrastructure is based on a YANG model. On top of this YANG model services can be defined and deployed. So-called network endpoint devices (NED) take care of the translation from the YANG model with services to a configuration of the device. NSO is from the ISP world and is making its move to the enterprise however it doesn not currently support DNA Center. NSO is vendor-independent and there are also NED’s for other vendors like Citrix Netscaler, etc.
Cisco ISE
ISE is an integral part of the DNA framework, although it doesn’t fit in automation or analytics, as it provides both functions for device identity. ISE provides the identity services for your network and is used in Software-Defined Access (SD-Access) deployments to provide the SGT’s to the proper network port.
Enterprise Threat Analytics (ETA)
ETA is a newly announced analytics product that is capable of analysing behaviour of encrypted traffic in such a way that threats and other traffic can be detected without SSL decryption. It is used to determine if anomalies, like malware, are on your network or not.
Stealthwatch
Stealthwatch is clearly an analytics tool, which is used within the network as a sensor, based on Netflow. ETA and Stealthwatch are closely related with each other.
DNA Center Assurance
Assurance is also an analytics tool, in which telemetry is extracted from the network. CMX is an example, but DNA Center Assurance takes analytics much further, like detecting if the DHCP server isn’t responding to requests, or that a client is entering a black hole, or that your network is hitting a known caveat.
DNA-Ready Infrastructure Devices:
Almost all modern Cisco Switches, Routers, Firewalls, Wireless Controllers support DNA. Rule of thumbis that if the device has the UADP ASIC, it is DNA-ready and supports SD-Acesss. Most of these devices are Cisco IOS-XE based, like the Catalyst 3650/3850, ISR 4k and the WLC 5520’s. The new Catalyst 9000 has the new UADP 2.0 ASIC which enables it to support ETA.
The table below provides an overview which tool fits in which design guide and DNA Center solution block:
The Cisco Digital Network Architecture is defining a vision for the networks that need to be built to support the huge amount of devices that will be interconnected and be flexible enough as nobody can foresee the future. Implementation is not a one-step-fits-all solution that is easily implemented. It is a journey that starts today and allows enterprises to adopt and build on the DNA framework for readiness and agility in the digital world.
Last week, Cisco Corporate Social Responsibility (CSR) hosted a #CiscoChat on its Twitter page around social entrepreneurship; specifically, we looked at how organizations, companies, and individuals can leverage technology to accelerate social change.
As a strategist on CSR’s Strategy and Global Problem Solving, 1B team, I joined three featured participants during the hour-long discussion:
Mary Elizabeth’s team, Project Vive, was the grand prize winner of our first annual Cisco Global Problem Solver Challenge. Teresa, co-founder of Neopenda, was part of a team to take home the Cisco prize in the 2016 Rice Business Plan Competition. And as the founder of Good World Solutions, an organization to which Cisco CSR provided early stage funding, Heather’s experience in social entrepreneurship is extensive.
Our responses show how digitization and the Internet of Things (IoT) is connecting more devices and data than ever before, with good ideas now having the ability to make a difference more quickly than ever, leading to positive change and financial success.
Whether you’re a student with an idea for the “next big thing” or an organization looking to scale, technology is playing a huge part in making those innovations possible.
Here are a few of my favorite responses from last week’s #CiscoChat:
Q1: In the age of digitization, what role can technology play in impacting pressing social issues?
A1.1: Digital tech today enables us to think way outside the box when we’re trying to solve important challenges facing society #CiscoChat
Why software automation support is needed in today’s networks
Anyone working in network admin today knows that the network has long since blown passed the days of being managed as a collection of devices. The days of network admins using the CLI to configure devices, or “automating” some tasks with TCL scripts may have worked in the 1990’s or early 2000’s, but it’s simply not enough to keep up with the scale and complexity of today’s networks. That said, the business mission for the network hasn’t changed. If anything, in today’s world of digital transformation, that mission has become even more critical – highly reliable services, rapid remediation of issues, efficient services upgrade process, security.
Administrators must have the ability to manage all those network devices and their services thru software. As a result, the use of traditional CLI copy-paste configurations process is going away, and being replaced by a vast usage of API’s to automate large scale networks.
This is what Cisco’s DNA Intent Based Networking is all about.
Network administrators can now build simple, yet very powerful software to manage their networks, to automatically detect and alert them for any abnormal behavior, get real time (or close to real time) network status, easily configure and maintain the deployed network devices, etc.
Programmable Networks and the New World of Intent Based Networking
This new world of the intent based, programmable network is not possible unless you have network devices that are programmable. Everything should start with a proper infrastructure management on the device itself. That’s where Cisco’s IOS-XE comes in – a newly designed, highly programmable operating system for Cisco switches and routers in the enterprise network, which aids the network administrators to manage today’s networks.
IOS-XE has support for various popular open standard modelled API’s for ‘off-box’ automation to achieve this. (I.E: OpenConfig, NetConf/Yang):
By modeling each network element’s attributes (e.g. BGP, QoS, ACL, etc.) in a structured data structure (e.g. XML/JSON formats, network admins can leverage various parsing API’s techniques (e.g. Python’s xml.dom.minidom), to develop easy to maintain and easy to scale code.
Since we will not rely on any dedicated CLI syntax to push and/or get the device’s configurations/attributes, the API approach is much more preferred as new features/attributes can be augmented to the modeled tree.
This modeled system representation saves a great deal of development cycles for the customers. As long as a network vendor sticks to the models approach, customers can use the same script to automate a Cisco switch, an HP switch, a Juniper router… – Customers no longer need to spend time and money hiring people to specifically develop automation for HP CLI, or for Cisco CLI or for Brocade CLI… The same script that configures the common device’s attributes with Netconf will work on any vendor!
Network Devices, now with Linux Built In
In recent years, many network vendors push to have Linux OS based flavors on their devices’ operating systems, to allow more openness when it comes to automating processes to be executed on the devices themselves (AKA: On-box automation).
Cisco’s IOS-XE has a feature which allows network admins this capability.
It’s our IOS-XE GuestShell.
Let’s start by understanding what IOS-XE’s Guestshell feature is all about:
Guestshell allows admins to perform common Linux operations in a secure manner, thus enable hosting/running open Linux applications, yet still making sure that they will not harm any critical functionality on the switch.
One of the benefits of a Linux based guestshell is allowing admins to use any scripting language out there, to perform basic automation tasks – One of them is Python, which is supported as a built-in programming language on our IOS-XE Guestshell.
To learn more about our Guestshell capabilities, see this Cisco blog post.
Analysts Love Cisco’s GuestShell Recently, Miercom did a report showcasing our Guestshell:
To demonstrate IOS-XE’s Guestshell capabilities, we executed a Python script that runs as an agent on the switch to detect any configuration changes done on the device.
Upon detection, the device will automatically email the admin, outlining the changes done on the device
In order to make this work, we seamlessly enabled the Guestshell to role as a mail server using basic Linux admin commands.
I didn’t have to look that far when I had to think of an automation use case to demonstrate our Guestshell. Our Cisco DevNet provides countless code samples, online tutorials, and on-demand LABS – All for free!! I edited a Python code sample via our open to the public GitHub, and implemented the above use case pretty easily. DevNet also gives you lots of help if you want to explore Python sample code for on-box, off-box, or with network controllers.
Well, Huawei has no matching feature for Cisco’s Linux Guestshell in their S5720HI.
Another point about NetConf support for off-box automation
When it comes to off-box automation, NetConf ( an open-standard models protocols) has become highly popular, due to the rise of software and automation in the networking world. This is where the future of the network automation is going…
Let’s see what NetConf is in a nutshell:
NetConf is an industry standard (IETF) network management protocol (RFC6241)
It’s probably the closest thing we can see that could be a unified, multi-vendor API (with some vendors’ specific extensions – AKA: the “secret sauce”)
It allows customers to re-use the basic network configuration and management API’s across various vendors that support this protocol
As mentioned above, Cisco’s IOS-XE supports NetConf’s standards, which allow customers to automate Cisco devices using any client that can SSH to our devices via NetConf’s port (port 830).
What about the Competition?
And what about Huawei you may ask? While claiming to have NetConf support on their S5720’s, Huawei was not completely clear in their tutorials. In order to use NetConf on their S5720HI’s, customers are required to purchase their Agile controller which will role as the NMS (Network Management System – see the below diagram taken from their public tutorial)
Additionally, they recommend that customers should avoid using CLI based configurations, should they choose to go with NetConf, as it might create inconsistencies in their device’s settings!
With those caveats, Huawei “breaks” the idea of NetConf’s concept with their current support, since it requires a “special care” and more investment from the customers in order to make it work…
But don’t take my word for it. See for yourself. Download the complete Miercom report, click here.
The bottom line is that having the network managed through software makes the network admin’s life much easier. With tools like IOS-XE, and learning resources and sandboxes from DevNet, you have what you need to be the network admin of the future.
Considering the above it makes one wonder whether we will soon see crowdsourcing of customer-care agents/experts. It’s starting to happen in verticals such as healthcare and financial services. You can crowdsource expertise based on a variety of factors, including need, time, and location.
