Take Education from the Dark Ages to the Digital Age with Cisco DNA

– February 28, 2017 – 0 Comments

I went to school in the Dark Ages. Alright, that may be a little melodramatic. It was San Francisco public schools in the 80’s and 90’s: we barely had enough musty, old textbooks to distribute to each student, school computers were used solely for Oregon Trail, and my teachers used noisy overhead projectors with dry-erase transparency sheets as learning tools. If you’re over 35, you may remember all of this fondly.

But it’s 2017 now. Today, campuses and classrooms are undergoing a digital transformation. A classroom of students can connect with guest lecturers virtually, from across the world. Learning tools have gone digital, where students use tablets and laptops in place of those musty old textbooks I had. In fact, 75% of teachers believe that digital learning content will totally replace printed textbooks within the next 10 years. Students can even join in on class lessons from their hospital beds. A stunning 2 out or 3 children today begin using digital learning tools by the time they turn 5 years old. (Deloitte Digital Education Survey 2016)

Today’s digital campuses and learning technologies require a robust network to support bandwidth heavy courseware and collaboration applications (video, voice, etc), learning management systems, and the multitude of devices (laptops, tablets, smartphones). With this complexity in mind, the network should be simple to deploy and manage, while student and research data need to be secure. And in today’s rigorous academic settings, competition among schools for student retention and attainment keep these institutions striving to increase student engagement with personalized and relevant experiences.

Cisco Digital Network Architecture (DNA) ensures that your network can handle the requirements of devices, applications, and services on your digital campus. With Cisco DNA’s automation and assurance, insights on the network and your users, and security network-wide, education institutions can focus on fostering innovation, learning, and engagement among their students and faculty. To learn more, check out this interactive infographic on how Cisco DNA can enable digital transformation on your campus. Is your campus network going digital? Let me know how, in the comments below!


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

An IPv6 Campus of the Future

– February 27, 2017 – 8 Comments

IPv6 as a protocol has been known for a while, but enterprises are beginning to understand the ways in which it can help them achieve their goals, improve efficiency and gain functionality that were hitherto unavailable.

When the IPv4 to IPv6 transition first took place, some Internet-scale companies enthusiastically adopted the technology. They built out their data centers as IPv6-only networks understanding the impending exhaustion of IPv4 addresses. Most other companies attempted to manage the transition by simply migrating from native IPv4 to a dual stack network for IPv6 compatibility. This, however, neither saved IPv4 addresses nor improved features and applications over IPv6.  The logical next step for those companies and indeed the industry, in general, is to implement entire campuses as IPv6-only networks. The advantages include avoiding the maintenance of two protocol stacks, reduced OPEX, and, chiefly, no more dependency on IPv4 address. The IPv6 network is cleaner, faster and more secure thanks to a protocol redesigned to embrace encryption, favor targeted multicast over expensive broadcast communication and remove variable length subnets from routing.

Cisco has been one of the early pioneers in this space. From an implementation and adoption standpoint, we have taken it upon ourselves to start building an IPv6-only campus to demonstrate to our customers not just the criticality of this technology but also how exactly to manage the transition seamlessly.

The Cisco Enterprise Network Engineering team, in collaboration with the Cisco IT team, took the lead in converting Building 23 (known internally as “The v6 Island”) in San Jose, California to an IPv6-only network. The building, serving over 500 employees with at least two devices per person, over 120 access points and 20 network devices, accessing nearly 20 IPv6 applications and three collaboration endpoints per device, went live with the transition shortly after the new year began. As committed as we are to innovation, we also sympathize with early adopters of emerging technologies. As a consequence, we turned lab rats, as it were, in building an IPv6 campus. The goal was to demonstrate how to navigate the growth pains of such a revolutionary transition with a clear and near upside.

This transition has been one of our coolest projects, and it is very exciting to have the opportunity to roll out the first-ever true IPv6-only building in the industry servicing the typical daily business traffic of a large enterprise. Despite this excitement, the changeover to a pure IPv6 facility has been herculean in terms of ensuring non-disruption of critical services. Cisco users interact daily with diverse Enterprise applications – many designed without IPv6 in mind – and they expect to get their jobs done from any platform, anywhere.  This meant network plumbing – writing a translator for domains that are still running on v4, customer-centric practices like engaging with multiple users and being proactive to enable a wide range of devices (we are proud proponents of BYOD). Despite these challenges the project was all wrapped up in three months and the results speak for themselves. The IPv6 user count has consistently been at 450+ users daily with traffic throughput measuring an average of 400 mbps.

Adoption of a new technology is difficult and most technologists wax eloquent about initial reluctance. As we strive to be adopters and advocates for IPv6 as the way of the future, we have successfully implemented our own solution to demonstrate what an IPv6-only building is capable of. As we gain momentum towards v6 enabled collaboration and mobile-based adoption, it is our hope that our v6 implementation acts as a lighthouse and guides you on your v6 journey.  Learn more about our IPv6 journey in this video. 

Would love to hear about your IPv6 stories @aoswal1234.


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.


  1. The performance statement is interesting. As a tester of IPv4 and IPv6 capable routers I see that the IPv6 performance is much less than IPv4 given the same router configuration and traffic profile. Just wondering how IPv6 performance in 23 was measured and how it compares to IPv4 numbers under the same configuration.

  2. As part of employee in Bldg-23, we have been part of this transition. After initial hiccups (mostly due to issues on MAC side), the experience have been smooth on Mac and iPhone. In general, transition to IPv6 has been slow in world because of various technologies to help with exhaustion of IPv4 addresses. However as we enter in the world of 50 Billion devices, IPv6 usage is about to explode and hence such transitions and Cisco-on-Cisco is very critical for Cisco to be in fore-front of this.

  3. Remarkable feat indeed!
    Would love to attend a nerd lunch that gets into the engineering details of how this was orchestrated and problems that the team ran into with our switches/routers, details of domain translator etc. What would help from a monitoring perspective etc.

  4. It will be very inconvenient for lab equipment. Most development activities are done in IPv4.

    This is an amazing journey for sure and I have been part of many initial discussions towards the IPv6 enablement and agree with Anand. The best way to move forward is to aim towards IPv6 only infrastructure building. It may take some time to get to optimal points but its worth investing the time and money. Nice informative blog as always Anand.

  5. Awesome feat. I’m really glad we started converting building to IPV6. More and more customers and ISPs are using IPv6 and most mobile apps support IPV6 these days.

    Let’s master the conversion process and take it to other buildings/campuses and help our customers do the same as well.
    Internal Nerd lunch will be helpful.

    We also need to drive IPV6 adoption in our labs. Cisco on Cisco is a very powerful marketing tool.

  6. Awesome achievement to transition to a completely IPv6 network. Cisco should lead this transition in the industry. We recently added IPv6 support for the Plug-and-Play solution so that a device can be on-boarded and deployed by customers like Reliance and NGENA who operate pure IPv6 networks.

    For Cisco, there still are gaps in promoting IPv6. For example, by default IPv6 is not enabled on the interfaces in most of our platforms. Only IPv4 is enabled. This is one of the limitations we had to overcome to enable Plug-and-Play over pure IPv6 networks.

  7. v6 migration is real and more importantly a need now in the IoT world! This is a great example of a deployment inside Cisco to showcase to the field. Awesome collaborative job by the ENG alpha team and Cisco IT to make this happen!

Applications Meet Infrastructure at Cisco Live Berlin: DevNet Zone

– February 24, 2017 – 0 Comments

By all rights I should be exhausted.  But I’m not.  To the contrary, as Cisco Live Berlin 2017 winds down, I’m totally energized.  So much creativity.  So many amazing people, with innovative products and ideas that are truly transforming the way we live and work.  I saw this first-hand in our DevNet Zone and throughout the event. On Tuesday, I was honored to give one of the conference Innovation Talks.  I took the opportunity to look at the growing importance of the relationship between applications and the network infrastructure on which they run.  You can see the replay of my Innovation Talk here.

There was a time, not so long ago, when applications and network/IT infrastructure were managed separately – when applications were the domain of software developers, and infrastructure belonged to network engineers and IT professionals.

Today, applications have become the primary vehicle for reinventing entire workflows that transform (or disrupt) businesses.  The Internet of Things and the Cloud are opening up new pathways for developers to create business value in an increasingly app driven economy, but only if the apps are seamlessly and securely connected to the programmable network infrastructure.  Keeping those apps running and performing well has never been more important.

The world of network engineers and IT professionals is also undergoing rapid and profound change.  To meet skyrocketing expectations for network speed, scale, analytics and security, they are becoming programmers too – creating network infrastructure that is more automated, software-defined, and programmable.

The imperative is clear…applications and infrastructure must meet.  Developers and IT must communicate, and APIs (Application Programming Interfaces) are the medium for that connection.  APIs are how separate software systems talk to each other.  APIs are the vehicle by which network administrators can securely expose the infrastructure to app developers, and developers in turn can build applications that are optimized to run on the infrastructure.

This is the nexus where Cisco DevNet lives – where applications and infrastructure meet.  This week, that meeting has been on full display in the DevNet Zone at Cisco Live in Berlin.  Workshops on using APIs for NETCONF/RESTCONF/YANG, WAN Automation Engine, and APIC-EM have been filled to capacity.  As were developer sessions on using Cisco IoT tools, integrating Spark collaboration into apps, or creating context-aware mobile experiences with the CMX API.  Cloud sessions on continuous development, containers, Docker, blockchain, serverless, and more all played to overflow audiences.  Vince Kelly was his usual Python programming rock star.  With over 120 sessions, I can’t begin to list all that happened…IS HAPPENING!

To everyone who came to see us in the DevNet Zone…thank you.  It was great to meet you in person.  If you weren’t able to be there, you can catch replays of the sessions on the Cisco DevNet YouTube Channel.  And if you don’t find what you’re looking for there, email us at DevNet@cisco.com, and we’ll help you out.

Your input and engagement is important to us.  So if you’re not a member already, please join the DevNet Community.  Whether you’re an app developer, network engineer or IT pro, we’re here to help you learn, code, inspire, and connect.

Now it’s time to get ready for DevNet Create, May 23-24 in San Francisco.  We’re bringing together application developers, infrastructure engineers, designers, technologists, innovators, DevOps engineers and IT Pros who want to define and build this new landscape – where applications meet infrastructure.  Join us!


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Fuel Faster Application Delivery with Cisco Hybrid Cloud

– February 22, 2017 – 0 Comments

Business is all about applications.  They run your business. Capture new market opportunities. Drive revenue. What if you could accelerate delivery of new applications? Deploy them across any on premise or public cloud quickly?

That’s exactly what you can do if you are using Cisco CloudCenter.  Part of Cisco ONE Enterprise Cloud Suite, this solution is designed to automate modeling, configuration and deployment of your applications.  You deliver solutions faster. Watch this video to learn more.

Cisco ONE Enterprise Cloud Suite is designed with four key components that work standalone or combined to deliver hybrid cloud. No need to purchase software you don’t need. Rather purchase just the right amount of automation for today.  Then expand.  The components include:

Powered by Cisco CloudCenter, the cloud management component allows both IT and application teams to work together to build a model, known as an application profile.  This profile is cloud neutral. It allows your teams to combine golden images along with middleware, configuration of firewall ports, security and scaling policies into a single profile. Once designed, the profile can be run on any on premise or public cloud platform including AWS, Azure, Google Compute, AWS Government Cloud or vCloud Air, just to name a few.

Without Cisco CloudCenter, things are not so efficient.  Yes, public cloud platforms deliver instances quickly.  But automating them is another matter. Your teams need the knowledge of the proprietary APIs.  Write scripts for each platform.  Test and QA the scripts.  Release to production. But you’re not done.  Applications are dynamic.  Your application teams need to continuously update and maintain these scripts.

Fast is the new mantra in business today.  Cisco CloudCenter is delivering 60% time savings to customers.  Reducing application delivery cycles by 33%.  That’s efficiency that goes right to your bottom line.

See how Cisco can fuel faster application delivery.  Take the next step and learn more.

Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

If It’s Not Software Defined, It’s Legacy

– February 21, 2017 – 0 Comments

According to Wikibon, only 10% of internal IT workloads represent true private cloud. The private cloud is simply a virtualized environment, lacking the characteristics that we associate with public cloud, such as user self-service, automated deployment and utility billing. This is because private clouds are often built on legacy data center networks, rather than software defined architectures.

Since SDN (Software Defined Networking) first emerged in 2012, there has been a lot of criticism on the networking industry focused on it’s inability to keep up with the automation and virtualization advances that we have seen in the server and storage industries. In my opinion, this seems a bit unfair as the distributed nature of networking makes it more difficult to virtualize and automate than servers and storage. These challenges include:

  • Distributed Configuration – Each individual component of the network needs to be configured in harmony with the others to ensure connectivity. This makes the system very brittle and one bad configuration can take down the entire network.
  • Automation – Even if devices are standardized, many will lack an object model and northbound APIs and this makes automation difficult.
  • Heterogeneous Environments – Many data center environments will have multiple vendors, numerous device types and different code versions. As a result, configurations cannot be templated or automated, so significant effort is required and inconsistency is inevitable.
  • Service Insertion – Middle boxes such as firewalls and load balancers sprawl across many data centre environments. These devices reduce performance, make configuration rigid and impede workload mobility.

Up Until now, I have defended the right of the networking industry to take a little longer to solve these challenges. However, now in 2017, both SDN and NFV (Network Functions Virtualization) have matured and there is no longer an excuse.  If your network is not software defined, then it is legacy. Investment cycles indicate that adoption will continue for several years.  If organizations are building data center networks by 2017 and not considering SDN, NFV and automation, they are placing themselves at least five years behind the curve and closing the door on private cloud.

Remember how we were once told that “software will eat the world”? Well, software has allowed the networking industry to solve the challenges discussed above. With SDN, user intent is captured on a central software controller and pushed as configuration to an underlay network fabric or virtualized end-points, depending on the solution. As well as solving the distributed configuration problem, this also solves the automation problem – the SDN controller will have a northbound API and in some advanced cases the solution will be object-oriented, which significantly aides programmability.

Depending on the SDN solution, the underlay will either be consistently one hardware type or a dumb underlay, so the heterogeneous environment problem is also removed. Finally, NFV has also grown up as the younger sibling of SDN and almost all Layer 4 to 7 appliance vendors now provide their solution in a virtual form factor. This virtualization combined with centralized software control of network policy means that services are be inserted into the network with ease and only where required to improve performance.

At Hutchinson Networks, we adopted SDN early and built our public cloud IaaS platform using Cisco’s market leading SDN solution, ACI. We have also adopted NFV for all Layer 4 to 7 components and only use hardware for the most basic components – physical network connectivity, disk arrays and raw compute (CPU and Memory). Using a Software Defined Architecture and Cisco ACI has allowed us to build a true cloud environment. Find out more here: Diversifying Business with Cloud Services.

Guest Blogger: Stephen Hampton, CTO at Hutchinson Networks 

Stephen Hampton is a Network Architect with a proven track record in the successful delivery of large networks. As CTO, he is driving Hutchinson Networks’ technical progress and solutions selling strategy. Stephen is seeking to improve and expand Hutchinson’s service catalogue, bringing new solution sand innovative products to market. Supported b  expert, certified engineers, Stephen is also strongly focused on building a top-class team of technical engineers and architects. He has the enviable ability to rapidly master new technologies and architectures.



Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Managing Applications Across Hybrid Clouds

– February 21, 2017 – 0 Comments

Guest Author: Brad Casemore
IDC Research Director, Datacenter Networks

Whether resident in traditional datacenters or – increasingly – in the cloud, applications remain the means by which digital transformation is brought to fruition and business value is realized. Accordingly, management and orchestration of applications – and not just management of infrastructure resources – are critical to successful digital transformation initiatives.

IDC research finds that enterprises will continue to run applications in a variety of environments, including traditional datacenters, private clouds, and public clouds. That said, cloud adoption is an expanding element of enterprise IT strategies.

Watch Video and Read IDC Paper related to this blog!

In 2016, enterprise adoption of cloud moved into the mainstream, with about 68% of respondents to IDC’s annual CloudView survey indicating they were currently using public or private cloud for more than one or two small applications, a 61% increase over the prior year’s survey.

Within this context, enterprises want cloud-management solutions that allow them to get full value from their existing IT capabilities as well as from their ongoing and planned cloud initiatives. At the same time, enterprises don’t want to be locked in to a particular platform or cloud. They want the freedom to deploy and manage applications in both their datacenter and in cloud environments, and they want to be able to do so efficiently, securely, and with full control. Ideally, they want the application environment to be dictated exclusively by business requirements and technical applicability rather than by external constraints. This is why enterprises are increasingly wary of tools optimized for a single application environment, and why they are equally skeptical of automation that is hardwired to a specific cloud.

To be sure, the greatest benefit of having an optimized cloud-application management system is strategic flexibility. In implementing a hybrid IT strategy with consistent multi-cloud application management, enterprise IT can deliver on the full promise of cloud while reducing the complexity, cost, security, governance, and lock-in risks associated with delivering services across mixed environments. As such, there’s no need to worry about cloud-specific APIs or about the threat of cloud lock-in. Instead, enterprises can focus on a service delivery strategy tailored to the needs of the organization, allowing applications to be deployed in the best possible environments.

An additional benefit is represented by speed and agility. In this respect, enterprises can align operations with agile development, helping accelerate the application development lifecycle. For example, enterprises can boost productivity and decrease time to market by providing developers with self-service portals to provision fully configured application stacks in any environment. Developers can remain focused on customer needs, and not on infrastructure or downstream deployment services.

To learn more about the challenges and benefits of managing applications across hybrid clouds, and to read about how Cisco CloudCenter responds to those challenges, I invite you to listen read an IDC Technology Spotlight titled, “Avoiding Cloud Lock-In: Managing Applications Across Hybrid Clouds.”

Watch Video and Read IDC Paper


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Start Navigating Your Digital Journey Today with Cisco DNA

– February 21, 2017 – 0 Comments

How can you take advantage of new network virtualization and security innovations to help accelerate digital transformation in your organization?

As I flew from San Francisco to Berlin, Germany this week to attend our annual CiscoLive Europe (#CLEUR), I turned on my infotainment system to look at the navigation map. It was fascinating to watch my plane inch across the screen. Thinking about the pilot guiding our plane over an ocean where every direction looks exactly the same, I realized how important his navigational tools are. The value of these navigational aids can’t be underestimated, as they are the key to getting to your destination when the path isn’t always clear.

When Cisco launched its Digital Network Architecture a year ago, it provided IT leaders with a blueprint for building a digital ready network that would help accelerate digital transformation in your organizations. In just under 18 months we have seen over 1900 organizations deploy our SDN controller, APIC-EM, in their networks and start laying a foundation capable of enabling their digital transformation. With everything in enterprise networking changing so fast, having a clear vision and plan to build a digital ready network is more important—yet more challenging—than ever.

That’s why I am so bullish about today’s announcement of the Cisco DNA Advisor Program, together with the latest wave of Cisco Digital Network Architecture (DNA) innovations around virtualization and security. With these introductions, we’re helping you create your own unique plans for transforming your network, while providing you with some of the foundational technologies you will need to speed you on your journey.

Demystifying the Path

Let’s start with the DNA Advisor Program. This program, developed in collaboration with IDC Research, allows you to map your network’s journey towards a future state of your design. With IDC, we have built a 5-stage network readiness model across the 5 main digital network categories – architecture, automation, security, service assurance and analytics. For stage 5, we envisage a future state network that continuously and effortlessly aligns to all business needs. That means dynamically adjusting to meet all service level requirements, warding off security attacks and greatly simplifying network lifecycle management.

To learn more about how you can map your journey to a digital-ready network, read Scott Harrell’s blog here. Alternatively, you can just jump straight in and get started by doing your own network readiness self-assessment. This on-line tool and report allows you to compare your own network maturity with your peers, provides guidance on next steps and the potential business benefits of you moving to the next readiness stage. And don’t wait too long to give it a try, because 45% of organizations are already planning to have a digital-ready network within 2 years according to the recent IDC Digital Network Readiness Survey.

Latest Wave of DNA Innovations

But, it’s two different things to plan an ascent to Everest and to actually make the ascent. Likewise with your journey to a digital-ready network. The good news is that at Cisco we are continuing to execute on delivering the DNA technologies and capabilities you will need to make this journey as successful and risk free as possible. In this latest wave of DNA innovations, we are focusing our efforts on the critical DNA pillars of virtualization and security.

After years of virtualization making a huge impact on data center operations, we are seeing major strides forward in network virtualization for the enterprise too. Cisco was first to market with our virtualized solution for the branch, Enterprise NFV, and with the latest Cisco DNA virtualization enhancements we are extending our virtualization capabilities to the campus, colocation centers and public cloud. Organizations can now deploy virtualized network functions like the new virtual firewall, NGFWv, ISRv for SD-WAN, vWAAS for WAN Optimization and many more across a diverse set of places in their network. Digital ready platforms like the new Enterprise Network Compute System (ENCS) 5400 series, a purpose built platform for branch virtualization, and the CSP 2100 Series for colocation centers ensure optimal performance for virtual network functions. The end result is much greater flexibility and speed and choice of network consumption model. Learn more about these exciting new DNA virtualization developments in my colleague Allison Park’s blog here.

And then there is security. It’s no surprise that security continues to be the number one concern for network professionals. The latest DNA security innovations showcase Cisco’s security leadership and further enhance the unique ability of the network to act as a sensor to detect threats and an enforcer to block threats. 

First, in the latest 2.2 release of Cisco Identity Services Engine (ISE), security policy management is simplified making it possible to onboard guest users in minutes. ISE 2.2 offers much deeper visibility into applications on endpoints, including detection of anomalous behavior. It also offers more granular control with the ability to define “DEFCON” policy sets that allow customers to escalate their response to prolific threats. Secondly, Cisco TrustSec, delivers the industry’s first end-to-end software-defined segmentation with full visibility from the network edge all the way to the endpoint to the application in the data center or cloud. Speaking of the network edge, Umbrella WLAN is the industry’s first solution to deliver DNS level security to users at the edge of your network directly on the wireless access point. I urge you to learn more about these important DNA security enhancements from my colleague, Kevin Skahill here.

For those of you at CiscoLive in Berlin this week, don’t miss the sessions on Cisco DNA and these new introductions. For those of you that preferred to stay home, you can still catch some of the key sessions by registering virtually here.

As always, I’d love to hear from you on any of these new introductions and also on what else we can do to help you accelerate your network journey.



Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Mapping the Journey to Digital-Ready Networks

– February 21, 2017 – 0 Comments

Over the next two years organizations will transform their network for the digital era in increasing numbers. In fact 45% of organizations1 are expecting to already have digital-ready networks in two years – triple the number today. And no wonder. Cloud, mobility, and IoT are placing unprecedented demands on the network. And that’s not even taking into account the threat landscape. Most IT leaders realize we need to change how we build, manage, and protect networks to keep up with the relentless pace of change.

But while the destination is appealing we know the journey doesn’t come with a built-in GPS. That’s why Cisco has teamed up with IDC to create the DNA Advisor Program – an initiative specifically designed to provide a predictable framework for customers on their journey to automated, secure, self-driving networks.

Starting with a five-stage digital network readiness model to help customers structure the journey, IDC then conducted a global research study to understand where customers are on the journey and where they plan to be over the next two years. This culminates in an online self-assessment or guided assessment that helps customers determine where they are on the journey and understand the potential business impact of embracing the recommended next steps to move up the maturity curve.

Create the blueprint for network transformation.

But we don’t stop there. Cisco is announcing a new Cisco DNA Advisory Service designed to help organizations build a cost-effective strategy to transform their network. The end result: A blueprint to achieve business objectives through technology while maintaining a stable, secure network during the transition.

Our experts help customers explore the right migration and transition options for their business.  We provide visibility into their existing technology so they can make informed decisions.

This strategic plan encompasses not just technology, but also their people and processes so customers can:

  • Reduce risk using proven methods to address gaps and identify dependencies
  • Lower OpEx by promoting consistency and standardization across their environment
  • Prioritize investments with total cost of ownership (TCO) estimates
  • Simplify and streamline existing processes

We work with customers to understand where they want to take their business. Then we build a roadmap with predictive steps to take them there.  The result is an end-to-end strategy that allows customers to move with confidence.

Build a foundation for extraordinary results.

The Cisco DNA Advisory Service uses our new framework—called DNA 8—which expands on the digital network readiness model to identify eight key areas to address during network transformation and why each area matters to an organization’s success.

Cisco DNA 8 Framework:

This approach simplifies planning discussions and enables customers to focus on the critical areas they need to address:

  • Where should they focus people, budget, and time?
  • How can they get the most out of the new technology and optimize what exists today?
  • What gaps should they address first? Why?

Built on over 30 years of expertise, our holistic approach equips customers to make better business decisions so they can prioritize investments and use their limited resources more wisely.

Realize the benefits of Enterprise NFV sooner.

As you’ve probably heard, Cisco® Enterprise Network Functions Virtualization (NFV) makes it easy to virtualize the branch.  To make the move from physical to virtual even easier, we developed two new services.

With the new Cisco Enterprise NFV Advise and Implement Service, our experts develop a comprehensive solution design and work with customers during implementation to ensure a smooth transition. This includes identifying dependencies and the effects of introducing the new capabilities into their environment.

We help customers:

  • Validate the new solution for their existing network and use case
  • Improve their results with a customized design tailored for their goals
  • Speed adoption by identifying and addressing technical and operational readiness
  • Reduce risk using our expertise, tools, and best practices

Our new Solution Support for Enterprise NFV centralizes support management across the products in the Cisco Enterprise NFV solution. So whether there is an issue with a Cisco or solution partner product, customers contact us. Our team of solution experts will be the primary point of contact and own the case from first call to resolution.

Combining solution-level support and our product support in one service, Cisco Solution Support resolves complex issues in solution environments on average 41 percent2 more quickly than product support alone—making it the right kind of support when deploying DNA solutions.

Start navigating your digital journey today.

Let’s build the foundation to achieve extraordinary results.  So you can spend less time making things work and more time innovating to drive your business forward.

Contact your Cisco representative and ask how our service experts can help achieve your business goals.  Learn more about our enterprise networking services at www.cisco.com/go/enservices.

1IDC White Paper, sponsored by Cisco, Is Your Network Ready for Digital Transformation, January 2017

22015 Cisco internal study


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Make network virtualization a reality with Cisco DNA Virtualization

– February 21, 2017 – 0 Comments

Last year Cisco laid out a blueprint for customers to build a digital ready network, Cisco Digital Network Architecture or DNA. Virtualization stood out as one of its key pillars and we announced Cisco Enterprise NFV,  a solution for virtualizing the branch, that enables our customers to deploy network services in minutes across their remote locations.  This year at CiscoLive Berlin (#CLEUR), we are announcing solutions that extend virtualization beyond the branch, across the entire enterprise network and to the cloud.

Introducing DNA Virtualization:

Wondering why anyone would want to virtualize their network? Well I’d like to introduce three customers who are using DNA Virtualization solutions to make their networks more flexible, faster and cost-effective.

Virtualization for the Branch

 This retail bank is planning for their next generation branch that will deliver the best customer experience, and the IT team wants to make sure that the network is not a bottleneck to this new business initiative. The customer would like to consolidate all their physical network services in the branch onto a single virtualized platform. They selected the Cisco Enterprise NFV software solution and the new Enterprise Network Compute System (ENCS) 5400 Series hardware platform we are introducing a CiscoLive this week.

This specific customer has over 250 branches and before ENCS and ENFV, they had to travel to each branch every time a problem occurs just to install a sniffer.  Now the network engineer says he can simply spin up a new service, with a few clicks, from his office without having to leave his desk. Pretty cool.

ENCS is a robust, high-performance modular compute platform designed by Cisco specifically for hosting virtual network functions (VNF’s) in the branch.  For more details about Enterprise NFV and the new ENCS platform, please see the blog post from my colleague Matt Bolick here.  In addition to the ENCS, we are also announcing support for NGFWv, a virtual FirePower as we know security is top of mind for our customers. This adds to our existing portfolio of VNF’s, vASA (firewall), vISR (routing) with Umbrella Branch, vWAAS (WAN Optimization) and vWLC (wireless LAN controller).

Virtualization for Colocation Centers

 Digitization is challenging the network perimeter (DMZ). Employees are becoming more distributed, connecting remotely to get access to their email and other productivity apps. Ecommerce is changing how businesses engage with their customers and as supply chains evolve, business-to-business communications is growing. Much like the branch, the network perimeter is static and the digital era is demanding a more flexible and scalable network perimeter.

This particular customer is a financial institution is growing with more customers and business-to-business traffic.  The network perimeter needed flexibility and scalability as the user base grew and applications they need to access moved to the cloud.  They chose the Cisco Secure Agile Exchange solution to virtualize the network perimeter to dynamically connect users to applications.  For more scalability and better application experience, they are moving this virtualized network perimeter into Equinix colocation centers.

For more information on Secure Agile Exchange and the CSP 2100 virtualization platform, please visit this page.

Virtualization for the Public Cloud

This customer, like most of our other customers, are moving to the public cloud.  The public cloud allows them to scale in a pace that no other technology can.  Multiple business groups within the company have various accounts and deployments within this cloud provider throughout the world and in different regions.  They quickly figured out the need to connect these clouds together and Cisco’s cloud router CSR 1000V was the answer.

This week we are announcing a few enhancements to the CSR 1000V in the Amazon cloud.  In addition to scalable VPC deployments I just described, the  CSR 1000V can now scale up to 5 Gbps, you can purchase an annual license directly from Amazon and get Cisco support if and when you need it.  Read my colleague Cathy’s blog for more details on VPC deployments and how Adobe used CSR 1000V to help deliver rich digital experiences to their customers.

Meet us at Cisco Live Berlin (even if you’re not in Berlin)

If you are at Berlin this week and want to learn more about DNA Virtualization, check out these sessions and visit us at the World of Solutions to talk to the experts.  Even if you aren’t in Berlin, some of these sessions will be broadcasted live and will be available to view in a few weeks online.


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Enterprise Network Security: Is it in your DNA?

– February 21, 2017 – 0 Comments

If you were driving a race car without brakes, chances are you’d keep your speed in check. How else could you manage the corners? Pushing the pedal-to-the-metal on the straightaways and actually reaching the car’s peak performance would only end poorly when the road turns. The same can be said for enterprise network security: only with proper security capabilities can you run your digital business at breakneck speed.

This breakneck speed is being fueled by the growth of mobility, IoT devices, and private and public clouds, all of which massively increase the attack surface for threat actors.  Meanwhile the top recommendation of the newly released 2017 Cisco Annual Security Report is that “as the attack surface increases, defenders must focus on their most important goal: reducing their adversaries’ operational space.”

Fortunately, you can keep the pedal-to-the-metal while reducing your adversaries’ operational space by building security capabilities into the very fabric of your network. The network can provide deep visibility into network traffic patterns and rich threat intelligence. With Cisco DNA, the network can be used to quickly detect cybersecurity threats and then automatically take action to stop them.

Baked in, not bolted on

Cisco’s Identity Services Engine (ISE) and TrustSec can help turn the network into a sensor and enforcer. ISE provides visibility and control of users and devices on the network, while TrustSec provides software-defined segmentation to isolate attacks and restrict movement of threats in the network. Together they form a dynamic duo.

At Cisco Live Berlin, we’re announcing the latest Cisco DNA Security advancements, including the latest releases of ISE and TrustSec.

Deeper visibility, more granular control: Cisco ISE 2.2

ISE 2.2 offers much deeper visibility into applications on endpoints and more granular control. But the feature that really floats my boat is the ability to define “DEFCON” policy sets that allow customers to escalate their response to prolific threats.

Rapid threat containment is tremendously powerful in dealing with a handful of systems at a time.  But what if numerous systems are simultaneously getting “popped” and a threat is spreading in real time?  That’s where ISE DEFCON policy sets come in.

DEFCON powerfully enhances your incident response playbook with the ability to move to pre-defined responses to systemic attacks. Rather than changing the authorization of individual users and devices, or implementing policy changes manually, changing DEFCON state changes the TrustSec policies defining how users, devices, and systems can talk to others — essentially raising the “network drawbridges” to protect your critical data and maintaining essential services. For example, you could define DEFCON 4 to kick all guests off the network, DEFCON 3 to kick all BYOD users off the network, DEFCON 2 to restrict peer-to-peer traffic, and DEFCON 1 to severely limit access to your “crown jewels.”

ISE 2.2 also provides Streamlined workflows that include guest, secure access, and BYOD setup with Cisco Wireless LAN Controllers in as little as 10 minutes. This approach also extends to customers migrating from the Cisco Access Control System (ACS), which Cisco recently announced will go end-of-sale. An enhanced ISE migration tool now streamlines ACS replacement so you get all the same ACS benefits coupled with advanced secure access, profiling, and postures capabilities offered with ISE.

And it’s not just us. SC Magazine recently recognized Cisco ISE with their 2017 Best NAC Solution award. If you’re interested in learning more you can ready this technical blog.

Dynamic Segmentation: Cisco TrustSec 6.1

TrustSec Software-Defined Segmentation reduces risk and restricts the lateral movement of threats in a network, allowing for these segmentation policies to be enabled and changed without reconfiguring network devices. This proven technology can enable security policy changes 98% faster and with 80% less operational effort than the traditional VLAN-based segmentation.

TrustSec has now been extended to Cisco Access Points, WAN routers, Cloud Services Routers and Industrial Ethernet switches that now work seamlessly with the existing TrustSec-enabled Catalyst and Nexus switches. Coupled with new integration with Cisco ACI, TrustSec now enables dynamic segmentation anywhere on the network, from the edge of the network to the data center to the cloud.

Among the many use cases, Mondi is using TrustSec to rapidly integrate new acquisitions into their security architecture and dramatically simplify firewall policy management. We at Cisco are using TrustSec to segregate high-risk labs as well as simplify security during divestments. Banks are using TrustSec to meet regulator’s segmentation requirements and ensure that only authorized users have access to financially regulated applications. And security-minded agencies of governments are using TrustSec to restrict peer-to-peer communications that could cause lateral movement of threats.

With these new capabilities on ISE and TrustSec, Cisco is now the first in the industry to deliver software-defined segmentation across the entire network—from the network to the endpoint to the cloud – with complete application visibility.

This is important because you can only drive at digital speed if you have the right security. And by turning the network into a sensor and enforcer, Cisco is helping our customers accelerate their digital journey.


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.