Having just returned home to New Jersey from Cisco Live US in Orlando, Florida, I thought I’d share my experiences as a Network Security Engineer both attending and presenting at this year’s conference.

There were approximately 20,000 attendees at this year’s conference, which I believe set a new Cisco Live attendance record! Considering the huge size of the conference, which rivals game day attendance at some small market Major League Baseball teams, I was amazed at the efficiency and organization of the conference—from the session logistics to the World of Solutions “happy hours” and the Customer Appreciation Event held at Universal Studios!

While listening to the various keynote speeches, most notably those from John ChambersPadmasree WarriorRob Lloyd, and Edzard Overbeek, it’s clear that Security, is “Top of Mind” for the Cisco Leadership Team.

Out of the roughly 625 sessions, there were approximately 100 sessions and labs focused on security, including a few below, which were presented by some of my fantastic and extremely bright peers within the Security organization. Sessions and labs included relevant topics such as network threat defenseIPv6threat mitigation, and intrusion prevent and signature development.http://csio.cisco.com/blog/wp-includes/js/tinymce/plugins/wordpress/img/trans.gifIn addition to presenting Identifying and Mitigating Network Threats, I participated in several “Meet The Engineer” appointments and “Lunchtime Table Topic” sessions that were focused on Detecting & Mitigating Threats using the network infrastructure and the Cisco Security Intelligence Operations Portal (Cisco SIO)—Cisco’s home for all security content and collateral. During these sessions, I spoke to number of customers from across industries—public and private sector and enterprise and service provider. Despite the varied backgrounds, the questions were similar—customers want to know how they can leverage their existing Cisco infrastructure to both detect and mitigate network threats. I received questions about the use of NetFlow, the availability of existing distributed denial of service (DDoS) mitigation options, and the Best Common Practices  for overall hardening of network devices.

If you weren’t able to attend the above sessions we’ll be providing a repeat performance of some of these sessions at Black Hat USA 2013 in Las Vegas, Nevada later this month.

Although the specific environments and concerns varied for each customer the general consensus was, and while supportive of Cisco in terms of our security products and solutions, they are resource-strapped (i.e., lacking time, personnel, and budget) and need more guidance and support in configuring, managing, operating, and maintaining their network security deployments.

The feeling is that if we, at Cisco, cannot simplify overall network security for our customers then they, the customers, have a sense that they are fighting an uphill battle. If you’re a customer feeling like you are in this predicament, please visit the Cisco SIO Portal for a wealth of information on the latest security threat information, technical security resources including white papers and common best practicesCisco and third-party security alerts, and upcoming security events.

If there is specific security content on the SIO Portal that you find particularly helpful, we’d love to hear about it.  And if you’re looking for something you can’t find on the portal, we’d like to hear about that as well. Our goal is to provide information that customers can use, be it new content or changes (improvements) to current information published and archived on the SIO Portal.

I also spent several hours throughout the week navigating the maze of networking vendors in the World of Solutions where many companies showcased their security products and solutions. Most of my time there was focused on looking at the availability of DDoS solutions which resulted in long and informative discussions on both the recap of the Financial DDoS attacks as well as the current state of DDoS with folks from Arbor Networks. We revisited the events of fall 2012 and March 2013, discussed our meetings with the FS-ISAC, shared thoughts about how we collectively fared in battling the miscreants behind the attacks, and posited ideas as to when and how the next wave attacks may take place.

I’ve always enjoyed being at Cisco Live as it gives me the unique opportunity to hear from and speak with so many Cisco customers, employees, and partners all in one location. The feedback and information I gather from the varied experiences is invaluable. These experiences provide me with a wealth of knowledge that helps drive my efforts as a network security engineer, aids me in the identification of and promotion of deliverables in support of network security, and gives me a window into what our customers really need and want from Cisco in terms of security.

I look forward to meeting you next year at Cisco Live US 2014 in San Francisco, California!! If you have any network security-related feedback from last week’s Cisco Live, please share with us by posting your comments here.


John Stuppi

Technical Leader

Cisco Security Research & Operations