Introduction to Software Defined Access: The Workshop

– July 31, 2017 – 0 Comments

Well…it’s finally happened, Robb Boyd  has handed the controls of the TechwiseTV Workshops over to me! Don’t worry, you still get to hear his dulcet voice on this episode.

That’s not why you’re here, though, you want to know all about Software Defined Access (SD-Access) and in this workshop, you get a great intro to it…complete with live demos and all! Thanks to Shawn Wargo we got to hear all about the technology that goes into SD-Access as well as see the DNA Center GUI live and in action. This particular show is an interactive dive into a topic we covered on the TechwiseTV episode we did with Shawn and Carl Solder, which you should definitely check out.


At the top of the workshop Shawn points out, SD-Access is all about taking tried and true technology solutions like Campus Fabric and making it even more accessible and easier to use by adding on a controller, which we get with DNA Center. So what we really have is a pristine underlay that does its job, it forwards frames.  Then a logical overlay that let’s us automate all sorts of hardware, software, and policy configurations.

Check out the Workshop here:

Check out the slides here:

DNA Center isn’t just one of those cobbled together GUIs that only acts as a replacement for 50% of CLI, either. It’s a simple to use, maybe even comfortable GUI, if I may be so bold. The idea is to use it to design your network, create policy, and provision configurations. Of course, it can be used for assurance and analytics as well, but this workshop concentrates more on the DESIGN, PROVISION, POLICY aspects.


  • Specify geographic location for devices and policies (even down to the floor plan of a level in a particular building)
  • Create IP Pools
  • Specify common services like DHCP, DNS, AD
  • Specify information for wireless access controllers


  • Create groups of people and devices
  • Create contracts that let things talk
  • All drag and drop with information that can be gathered from solutions like Cisco ISE


  • Send intended configurations to the proper devices
  • Specify roles of devices (DNA Center: “Is it a border router? Sweet, I’ll tell it to be a border router”)

For a deeper look at SD-Access Check out our aptly named TechwiseTV show “A Deeper Look at SD-Access”

What Does All This Mean?

Now we can have intent based networks in the Enterprise and Campus. We can design and create policy for our networks, and the hardware doesn’t even need to be hooked up yet.  Once the hardware is hooked up, we can use pull-down lists and topology views to provision the proper configs. The best part…no matter where my users are connecting (wired, wireless, VPN, remote, on-premises) and no matter what they’re using to connect (tablet, computer, phone, VR headset, XBOX…seriously!) they get the correct policies applied to them. Wait, the actual best part…we network folks don’t have to manage hundreds or thousands of ACLs and firewall rules to get the right security at the right time and it’s so easy to scale.

A huge thanks to Shawn Wargo for the amazing presentation and demo at this workshop, and thanks to the seriously excellent Q&A panelists that worked in overdrive to get everyone’s questions answered. Check out the workshop, the only bad part was we only had an hour. Don’t worry, we’ll do another one!




Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Network Security in the Age of Hyperconnectivity: Pervasive, Proactive, and Persistent Protection is Essential to Thwart Cyberattacks

– July 31, 2017 – 1 Comment

Securing today’s digital content has become more challenging, as there are more endpoints and wide area networks (WAN) to protect than ever before. There will be 27.1 billion networked devices/connections by 2021, up from 17.1 billion in 2016 globally (according to the latest Cisco Visual Networking Index).  The majority (51%) of those endpoints will be machine-to-machine (M2M) modules by 2021. As the Internet of Things (IoT) landscape continues to expand, digital domains and demands for access to applications and data by people and things will continue to increase.

To accommodate new bandwidth requirements, we are seeing constant and significant network innovation across all access technologies. From high efficiency wireless upgrades (including new Wi-Fi standards and the coming 5G revolution) to enhanced fiber/optical deployments and fixed line advancements in cable and DSL networks. Each of these innovations are designed to enable a wide range of new connections and applications — dense IoT deployments with smart cities, smart cars, sensors on every seat in a stadium, every plant on a farm or every product in a grocery store.

Unfortunately, this new era of connectivity and network reliance will also create new volumes and complexities in cyberattacks. With the positive promise of global digital disruption (more data and more efficiency) also comes real security implications for network operators and their consumer and business users.  Cyberattackers are relentless, whether casting a wide net or narrowly targeting an organization. Attackers go after everything—hacking firewalls, compromising credentials, and discovering both hardware and software vulnerabilities. They use multiple methods to compromise information and infrastructure resources, finding their way into data and networks wherever they can, with off-the-shelf malware, brute-force password attacks, or phishing, other forms of social engineering and distributed-denial-of-service (DDoS) attacks.

A DDoS attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised online targets flooding the breached system with debilitating traffic. Peak DDoS attack volumes (measured in gigabits per second [Gbps]) have been increasing in size, with peak attacks reaching 400, 500, and 800 Gbps, respectively, in 2014, 2015, and 2016, according to the Arbor Networks 12th Annual Infrastructure Security report.

DDoS attacks can represent up to 18% of a country’s total Internet traffic, according to Cisco VNI, and they are occurring and increasing at roughly the same rate as internet traffic. In 2016, the top motivation behind DDoS attacks was criminals demonstrating their attack capabilities, with gaming and criminal extortion attempts.

Today, the average DDoS attack size is roughly 1.2 Gbps, which is enough to take most organizations completely offline. Amplification attackers, who have tools for carrying out a DDoS attack, exploit vulnerabilities in the network and compute resources. Globally, the number of DDoS attacks greater than 1 Gbps grew 172% in 2016 and will increase 2.5-fold to 3.1 million by 2021.

The last few years have been particularly eventful period from a security threat perspective, with many serious data breaches that have been reported widely in the media (including the recent “Wanna Cry” ransomware attacks). When hackers breach cybersecurity defenses, the risks to consumers, small-to-medium business (SMBs) and enterprises are enormous, ranging from financial losses and damage to corporate reputations to exposure of intellectual property and the release of sensitive customer information. Ransomware has driven renewed interest in adoption of web security products designed to identify malicious websites and prevent web-borne threats from delivering malware onto employees and consumers PC’s, mobile devices and IoT connections.

The 2017 Midyear Cisco Security Report has been tracking the median time to detection (TTD). The overall trend has been downward, from over 39 hours in November 2016 to about 3.5 hours in May 2017.

There have been nearly 37 million records exposed according to the 2016 Identity Theft Resource Center report, and over 33 thousand records were exposed per breach. The highest number of breaches were in business, which includes retail, hospitality, trade, transportation, etc. The highest exposure of records during cyberattacks occurred in the healthcare industry.

From an infrastructure perspective, within the next year, a majority of US enterprises (>58%) will be deploying SD-WAN services, according to IDC. By 2020, at least 30 percent of international enterprise WAN service contracts will incorporate NFV based services, up from less than 1 percent in 2016, according to Gartner. Security is the leading use case, service, and a key business differentiator.

In the face of these persistent threats, network security—and ultimately data security—has become a paramount priority for most organizations. Simple endpoint solutions or an isolationist approach will not be sufficient barriers to dissuade today’s hackers. To effectively reduce or eliminate nefarious online activity in the age of hyperconnectivity, security needs to be embedded into a new digital culture that includes evolving hardware and software technologies as well as a heightened sense of awareness and diligence towards those who wish to profit from digital disruption through illegal practices.

Discover more global Internet insights in the Cisco 2017 Zettabyte Era: Trends & Analysis Report.

Learn more by downloading and reading the Cisco 2017 Midyear Cybersecurity Report.


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.


    Excellent article That’s the plain truth. Networks evolve as the updated technology inside them, as well as new threats…

Shifting Marketing to a New Way of Collaboration

– July 31, 2017 – 0 Comments


This post comes from Stacy Shrader, an intern with the collaboration marketing team and a rising senior at Virginia Tech with a dual degree in business management and public relations.

Innovation. Yes, a simple word, but one filled with ambiguity. Marketing leaders can attest that innovation has lost its true definition. It has become a buzzword that marketers sprinkle liberally throughout marketing content. But what about actual innovation in the way we do marketing?

Improving the way internal and external teams collaborate can take a marketing campaign to that next level. Collaboration solutions use technology to constantly innovate the way employees and customers communicate with each other.

Go Digital

The digital-age push has affected nearly every aspect of business with pressure to “turn digital.” For marketing, the pressure takes the driver seat. Digital marketing is now the main priority for CMOs. According to Huffington Post, 59% of marketing leaders say that traditional marketing roles limit their ability to engage with customers. As part of a marketing team, I rely on my face-to-face, real-time communication with my team. My team utilizes collaboration solutions, like Cisco Spark, to remain digital internally. Collaboration solutions can turn traditional marketing into digital.

San Jose State University (SJSU) is the number one supplier of education, engineering, computer science and business graduates to Silicon Valley. SJSU utilizes Cisco collaboration and video-conferencing solutions to provide virtual lectures and increase flexibility for its students. Its marketing outreach has improved significantly around the world by using collaboration technology to market to more than just the United States.

“Collaboration has enriched our program by opening the real world up to students. We’re providing a wealth of opportunities by breaking down geographical barriers to actual industry experience.”
—John Delacruz, Advertising Professor, San Jose State University

Generate Leads

Origami Logic and Brand Innovators reports that 63% of marketers say their top challenge is generating traffic and leads. Even the best companies struggle with creating new, fresh marketing plans. Producing that overnight viral campaign takes more than a good idea. I guess the cliché “it takes a village” holds true.

Constant communication is one factor that teams need to perform at top potential.

Cisco Spark encourages ongoing communication by providing messaging, video calls, and screen sharing – allowing people to work wherever they are and share ideas in a persistent team space. Those late-night team sessions at the office can now be history. By collaborating smarter, your nights can be full of relaxation instead of bad office snacks.

If you ask me, the most effective marketing departments generate new leads by simply remaining human. I don’t necessarily mean most marketing departments are run by aliens. (But who really knows for sure…) By human, I mean keep the idea of the customers’ emotions tied to the center of their mission. Collaboration solutions can connect marketers with customers with a more evident emotional relation. In comparison, phone calls are ambiguous and can’t supply the customer the experience of a video call.

Move toward Unification

Whether marketing will admit it or not, it relies on other departments to be successful. A business survives only if each unit is working together effectively. Clear communication is then essential to having a transparent company. However, it’s easy to create silos in a busy business world. Part of that is scheduling and part is culture.

For example, State of Inbound found that only 22% of organizations’ sales and marketing relationships are tightly aligned. These kinds of divides can sometimes be the reason a business succeeds or ultimately fails. In my opinion, collaboration technology can help close that gap between miscommunications in different silos. That last-minute meeting in an airport with the finance department is now just a click away.

CurSeq aims to revolutionize next-generation sequencing in oncology. Since so many of its employees are geographically distanced, it was difficult to withhold their brand to the same standard. With Cisco WebEx, communication on materials, such as presentations, has improved significantly and strengthened the company’s marketing voice.

“After all of the various platforms that I’ve interacted with, WebEx is definitely the most stable. That is really important when you’re trying to conduct a virtual meeting with critical clients and prospects around the world,” says Vikki Friedman, CureSeq’s global vice president of sales and marketing.


Find out more about how marketing teams can benefit from collaboration solutions.


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

From the Trenches: 5 Ways Customers are Improving Security with Cisco AMP for Endpoints

– July 31, 2017 – 0 Comments

Does this sound like a day in your IT security life? Wake up, get coffee, drive to work, and battle an almost constant onslaught of attacks, while playing whack-a-mole with too many alerts.

If so, we get it. You never know where the next attack will come from. And you’re probably on to the fact that traditional anti-virus and “point-in-time” solutions (like firewalls)—alone—are not enough to defend against the new levels of threat sophistication.

You need security solutions that can not only handle a continuous barrage of attacks, but that also detect new and more sophisticated malware variants. Because, ridiculously smart people are working with other ridiculously smart people in organized groups (nation states and hacktivist groups) to create increasingly wicked forms of malware.

These insidious threats call for extra layers of sophisticated protection—beyond just attack prevention. For example, if something malicious manages to penetrate your endpoints, you need deep visibility and control to quickly detect and remediate these attacks.

Many of your peers have chosen Cisco AMP for Endpoints to provide this level of sophisticated protection. But don’t just take our word for it. Thanks to a recent Techvalidate survey, we can tell you exactly what your colleagues in the trenches, fighting the same battle, say about Cisco AMP:

1. 72% of surveyed customers say AMP for Endpoints helps them prevent, detect, and defeat advanced malware

 Customers of all sizes weighed in with specific examples regarding how AMP for Endpoints changed their security game. Most notably, AMP helped an IT Director at a medium enterprise hospitality company avoid a large-scale breach. “Recently AMP detected and alerted us to such an attack. Without AMP on this particular hotel computer, we wouldn’t have known that this attack ever occurred. It is possible it stopped thousands of credit card numbers from being stolen.”

2. 84% of surveyed customers reduced threat detection time by 6 hours or more with AMP for Endpoints

Customers also had something to say about the speed by which they detected threats. An IT Administrator at a commercial bank, said “[AMP for Endpoints] helped us pinpoint the source of the threat faster than we ever could have before.” He’s not alone. A Senior IT Architect at a medium enterprise educational company also claimed, “Cisco AMP has improved endpoint visibility by up to 100%, detected 80% more threats than antivirus alone and reduced response times up 4 days.”

3. 74% of surveyed customers have increased visibility into their threat environment with AMP for Endpoints

Overall visibility into the threat landscape scored high, as well. Ten days after displacing Symantec Endpoint Protection, the CISO for a medium enterprise computer software company detected over 500 new vulnerabilities in their environment. They also increased their threat detection by 200% and reduced their incident response time by ten days. All in all, AMP for Endpoints drastically increased their overall security visibility the most in the past 18 months.

4. 86% of surveyed customers improved security effectiveness with AMP for Endpoints

The IT Manager of a German chemical manufacturer revealed how AMP changed the game for her short-staffed security team: “I have a very small team, so deploying AMP for Endpoints had a drastic effect on our security posture. We gained visibility and reduced incident response time by months.” Also, an IT Director at a retail company claimed, “AMP for Endpoints significantly improved our security posture over other endpoint products.”

5. 88% of customers surveyed agreed that deploying AMP for Endpoints alongside other AMP deployments helped their overall security effectiveness

Not only are customers reaping the benefits of pairing AMP for Endpoints with other Cisco solutions, like Firepower Management Center, but they’re deploying it in conjunction with Cisco Umbrella and AMP for Email, as well. In fact, 97% of customers who purchased AMP for Email agreed with the following statement: “Deploying AMP for Endpoints alongside AMP for Email has helped my organization uncover threats faster and improve overall security effectiveness.”

Others are using AMP for Endpoints with the Cisco Web Security Appliances to uncover all web requests that may be malicious (using the Cognitive Threat Analytics feature). The possibilities are endless. And, the best part is the solutions work together seamlessly.

You’ll have to read the whole survey for all the pithy anecdotal tidbits (totally worth your time). The results speak volumes about how AMP for Endpoints, and other Cisco security solutions, can help equip you for battle in this complicated new age.

If you want to learn more about Cisco AMP for Endpoints, visit our webpage. If you’re an AMP for Endpoints customer interested in becoming an AMP expert, this is the place to start.

We’ll leave you with this slightly hyperbolic survey quote from an IT Manager at an energy company, “AMP’s zero-day threat detection lets me sleep at night.” Hey, we see how that could happen.




Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

All comments in this blog are held for moderation. Your comment will not display until it has been approved

Helping Others Find Their Voice: Project Vive

– July 31, 2017 – 0 Comments

Spotlight on Our Inaugural GPS Challenge Grand Prize Winner

Our voice is part of the foundation of how we connect with each other. We voice our needs and share our ideas and feelings. It’s how we’re heard. Having a “voice” is fundamental to being an individual.

Meet Arlyn Edelstein. She has cerebral palsy. This is a neuromuscular condition that limits how Arlyn can interact with the world. Along with other disabilities, cerebral palsy has been described as being trapped in your own body.

Now meet the Voz Box. The Voz Box is a patented speech-generating device (SGD) that brings the benefits of the Internet of Things (IoT) to assistive smart technology. Using a network of wearable sensors, the Voz Box makes it easier for Arlyn to communicate with those around her by removing some of her physical limitations. It has also helped Arlyn give voice to the poet that has always been inside her.

One of the most compelling aspects of the Voz Box is its ability to be customized to match the capabilities of its users. Individuals with neuromuscular conditions possess a wide variety of abilities, and what might be a simple motion for one person may be impossible for another.

Currently, speech-generating devices use touch screens or keyboards with large icons. These systems can be difficult to use for those with limited muscular control as the device predetermines the mapping between movement and speech generation. In addition, systems typically cost more than $10K.

Voz Box is built around wearable sensors that can detect small movements. These sensors can be placed where a user chooses: finger, elbow, knee, foot, eye (blink and/or movement). Sensors are self-calibrated to prevent involuntary selections. Furthermore, sensors can be recalibrated over time, extending the use of Voz Box over the years as the movement capabilities of the user change.

Using Bluetooth wireless technology, these wearable sensors form a network around an individual. This network connects to a portable and comfortable speech-generating device, only 3.2” x 4.3” x 2” in size. The device is multilingual and supports both visual- and auditory-based communication. And microprocessor technology has reached the level where the unit can be self-contained, affordable, and not require an Internet connection to operate.

The Voz Box is the brainchild of Mary McCulloch and the Project Vive team. “Vive” comes from the Spanish verb “to live.” Based out of Pennsylvania State University, Project Vive is dedicated to making affordable technology available to those with disabilities.

Project Vive is definitely a company to keep your eye on: the team just placed first in the 2017 Cisco Global Problem Solver (GPS) Challenge, taking home the Grand Prize of $100,000. Our inaugural GPS Challenge included more than 1100 registrants from over 450 schools around the globe.

These are exciting times. We are witnessing the rise of a new generation of global problem solvers like Project Vive. These individuals will not only survive in our increasingly digital economy but are finding ways to change the world for the better.

Like giving a voice to the voiceless.


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

You Thought Ransomware Was Bad

– July 28, 2017 – 0 Comments

In the never-ending escalation of cyber threats, an emerging type of attack could dramatically raise the potential damage of attacks. Called Destruction of Service (DeOS), these attacks could soon become common — and devastating.

As outlined in Cisco’s Midyear Cybersecurity Report (download it here), behavior such as locking systems and destroying data are precursors to DeOS. Right now, federal agencies and other organizations can usually recover from malware or ransomware attacks with a “safety net” of backups and other resources.  A DeOS attack would try to destroy that capability.

The Internet of Things will probably be a vector for these attacks, according to our researchers.

DeOS isn’t the only threat vector that demands attention, of course. Cyber-attckers are creative and tenacious, and will use any tool that works. The good news is, many organizations have a good handle on defense and can fend off most or all attacks.

MCR Cover

The single most important strategy for cybersecurity is to adopt an open, integrated and simplified approach. Many cybersecurity shops have grown up piece by piece, buying individual solutions as needed to address problems as they arose. The resulting patchwork quilt is difficult to manage and multiplies security alerts unnecessarily.

Find out more about emerging cybersecurity trends and threats in our free report.


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Cisco in 2017 Gartner Unified Communications Reports

– July 28, 2017 – 0 Comments

Digitization, workplace transformation, investment protection. These are all top-of-mind subjects that come up in my conversations. Many of you are currently evaluating your collaboration strategies and thinking about how to evolve your unified communications solutions.

There’s no doubt that the UC market is dynamic and fast-paced. Products and vendor solutions evolve constantly, as do user requirements and the very nature of work. Analysts can provide unbiased product evaluations to help you make the right decisions for your business.

Gartner’s Magic Quadrant reports provide a wide-angle view of the relative positions of a market’s competitors. The placement of the Magic Quadrant “dots” is based on each vendors’ ability to execute and completeness of vision. Gartner divides UC into six broad communications product areas:

  • Telephony
  • Meeting solutions
  • Messaging
  • Presence and IM
  • Clients
  • Communication-enabled business processes

Gartner analysts evaluated many factors across both execution and completeness of vision for each vendor.  For example in the ability to execute category, “Gartner analysts evaluate UC product providers based on the quality, efficacy and overall maturity of the products, systems, tools and procedures that enhance individual, group and enterprise communications.” Highest weighted criteria in this category are “product or service” and “overall viability.” In the completeness of vision category, “Gartner analysts evaluate UC product providers and their ability to convincingly articulate logical statements about current and future market directions, innovations, customer needs and competitive forces, and how well those map to Gartner’s overall evaluation of the market. Highest weighted criteria in this category are “market strategy” and “vertical/industry strategy.”

It’s an extensive process. We’re pleased that Gartner has positioned Cisco as a leader in its 2017 Gartner Magic Quadrant for Unified Communications based on “completeness of vision” and “ability to execute” for the last 10 years.

We continue to expand and integrate our UC and collaboration portfolio to serve organizations of all sizes. Our goal: Offer flexible deployment options and simplify platform choices to serve your business today and as it evolves. An essential part of that is enabling consistent and easy-to-use collaboration experiences that help your teams easily work and be more productive anywhere.  Based on user feedback and assessments like Gartner’s, we believe this strategy is working.

Gartner also scored Cisco highly in its companion report, Critical Capabilities for Unified Communications 2017.  According to Gartner “this research is intended to help organizations define their requirements and select specific products that match their needs from the vendors included in the Magic Quadrant for Unified Communications.’’

Cisco achieved the highest scores across all five critical capabilities use cases:

  • Full UC with strong telephony
  • Full UC with strong collaboration
  • Full UC for midsize organizations
  • Ability to offer hybrid solutions
  • Integration with contact center solutions

We believe, the report structure lets you focus on those uses cases that are most strategic for your business. Combining the perspectives from the two Gartner reports gives you a strong view both of the business and technical capabilities of UC vendors, as well as an evaluation of future direction.

Looking for more insight? Find these and more analyst evaluations of collaboration solutions, including contact center and web conferencing.

Source: Gartner, Magic Quadrant for Unified Communications, Steve Blood, Megan Marek Fernandez, Mike Fasciani, Rafel A Benitez, 19 July 2017. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Cisco.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Digital Transformation of Public Safety Highlighted at Cisco Live

– July 28, 2017 – 1 Comment

Cisco Live US which was held in Las Vegas the last week in June, is one of the premier IT industry events Cisco hosts every year.  This year’s event drew over 28,000 customers, partners, press and analysts. Our top executives presented keynote and innovation talks which tackled topics like cloud, collaboration, data center, enterprise networks, Internet of Things (IoT), and security  across all business and public sector segments including government, education, healthcare, public safety, and transportation.  We showed customers and other Cisco enthusiasts firsthand how our technology and solutions work together to solve their challenges.

One of the hottest topics at this year’s event was our new vison of the future of networking – The Network. Intuitive  The Cisco Digital Network Architecture (DNA) delivers intent-based networking solutions and services that turn network traffic data into actionable insights. It was specifically developed to help our customers make business decisions faster, mitigate more security threats, and manage the unprecedented scale of connected devices and services more easily.

Once again the Public Sector team had a strong presence at this year’s event.  We presented on a number of Public Safety topics ranging from the connected architecture to safer communities and countries.

In the Public Safety area of the Digital Industries booth in the World of Solutions (WoS) exhibition hall, we demonstrated several of our cutting edge solutions including ones addressing Connected Public Safety Officers via Mobile Communications, Live Stream Video for Public Safety and Industrial Users, Smarter Alerts for Public Safety and Industrial Users, and Cisco Instant Connect and Spark for Public Safety and Industrial Users.

We were also fortunate to have a couple of our important Public Sector partners join us in the WoS as well as speak at the event.  We featured Klas telecom’s Emergency Communications system for Public Safety.  Additionally BlueLine Grid joined us in our booth and demonstrated the integration of GridTEAM, their secure collaboration platform, with Cisco Instant Connect to enable communications between cell and radio as well as use their solution leveraging Spark to enhance mobile collaboration.

The last event of this year’s Cisco Live series will be held November 6 – 9, 2017 in Cancun.  We look forward to seeing you there and again next year at one of our 2018 Cisco Live events.  In the meantime, get more information at

Thank you

Cisco Public Safety Team













Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.


    Yes, Go Cisco Live. Certainly a great opportunity.

It’s OK to be fashionably late when you bring 3 more Cisco UCS world records

– July 28, 2017 – 0 Comments

When we announced our new M5 servers, we posted six new world record benchmarks.

This late last week received confirmation of three more world records.



SPECjBB®2015 MultijVM – #1 4-socket server result for critical-jOPS. The Cisco UCS C480 M5 delivered 229,029 – a 78% increase when compared to Cisco’s previous result #1 result.1
Detailed official benchmark disclosure report.

SPECjBB®2015 MultijVM – #1 4-socket server result for max-jOPS. The Cisco UCS C480 M5 delivered 351,175 – a 61% increase when compared to Cisco’s previous result #1 result.2
Detailed official benchmark disclosure report.

SPECjBB®2015 MultijVM – #1 4-socket server for Composite max-jOPS. The Cisco UCS C480 M5 delivered 262,190 – a 41% increase when compared to the previous generation result #1 result.3
Detailed official benchmark disclosure report.


The C480 M5 server offers a unique modular architecture for the CPU/memory modules and storage. This modularity, support for six GPUs, 12 PCIe slots, 32 drives, and world record performance makes it a great option for your most demanding workloads.

For additional information on Cisco UCS and Cisco UCS Integrated Infrastructure solutions please visit the Cisco Unified Computing & Servers web page.


Additional Disclosures

  1. The Java application performance improvement of 78 percent compared the SPECjbb2015-MultiJVM critical-jOPS score for the Cisco UCS 480 M5 Rack Server with a previous generation Cisco UCS C460 M4 Rack Server, a result of 128,990 that was published on June 6, 2016.
  2. The Java application performance improvement of 61 percent compared the SPECjbb2015-MultiJVM max-jOPS score for the Cisco UCS 480 M5 Rack Server with a previous generation Cisco UCS C460 M4 Rack Server, a result of 218,425 that was published on June 6, 2016.
  3. The Java application performance improvement of 46% compared the new benchmark SPECjbb2015-Composite max-jOPS score of the Cisco UCS C240 M5 Rack Server with the previous #1 platform result that was available on March 10, 2017.

SPECjbb is a registered trademarks of Standard Performance Evaluation Corporation. The benchmark results used to establish world-record status are based on those available at as of July 20, 2017.


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Black Hat USA 2017: Cisco Umbrella Joins the NOC

– July 27, 2017 – 0 Comments

Black Hat USA marked its 20th anniversary this year. The members of the NOC management showed me photos of the original NOC: a single router in a closet. The NOC has grown with the conference; into a well-managed team of experts from around the globe, from various vendors and backgrounds, all with the same mission: build and secure a robust network for one of the largest cybersecurity conferences in the world. The primary mission of the SOC team in the NOC was to protect the network from attacks: externally and by attendees; especially from DDOS and traffic floods.

New this conference was the addition of Cisco Umbrella for DNS visibility, at the request of the NOC manager, arising from our experiences at Black Hat Asia 2017 with Umbrella Investigate. The set up was very simple: log into the Black Hat Umbrella account created by Alejo Calaoagan, my counterpart in Business Development; add in the Network ranges provided by CenturyLink for the conference; verify the Network ranges were authorized with Umbrella support; and DNS protection and visibility began within an hour.

We also enabled the Cisco Threat Grid intelligence feeds integration, by adding in the API key.

This imports the ~15 curated feeds included in a Threat Grid premium subscription from DNS queries and network streams of malicious samples seen in the last day, including:

  • Autorun Registry Changes
  • Ransomware Communications
  • Banking Trojans
  • Remote Access Trojans
  • DGA Domains
  • Stolen Certificates
  • Documents with Network Connections
  • Modified Windows Host Files
  • Samples Downloading Executables
  • Checking for Public IP Address

By default, Umbrella will begin blocking DNS traffic to sites known to host Malware, to Command and Control Callback servers and Phishing Attacks. At Black Hat, we wanted to enable all traffic, so the trainers and briefers can show the latest exploits.

Many presenters set up new domains and simulated malware expressly for the training. Umbrella blocked over 6,800 DNS queries from this default protection, before we turned off the enforcement. Over the weekend, we saw about 4.6 million DNS requests.

As the conference attendance grew and more briefings & trainings were conducted, the DNS volume also expanded rapidly. The team knew there has always been a large about of DNS traffic, but the visibility really shocked everyone with the amount of DNS look ups the network was handling. Interestingly, as the conference moved from Training into the Business Hall and briefings, the DNS queries dropped off precipitously.

Malware quickly rose to one of the top Categories, peaking at Number 3, before settling in at Number 7.

The network saw over 17 million DNS requests during the week.

Key takeaways:

  • Over 300,000 DNS queries were observed to domains known to be malicious or host malware
  • Over 12,000 queries went to Dynamically Generated domains
  • Over 7,800 newly seen domains were queried from Black Hat USA, many likely created for the express purpose of training
  • Over 6,800 domains were queried that had seen prior communication from known malicious samples in Threat Grid

Umbrella Investigate

Digging into some of the malware traffic with Umbrella Investigate, we were able to examine the infrastructure.

This included global DNS queries, WHOIS information and links to Threat Grid malware analysis reports for samples that have DNS queries to the domain.

The Threat Grid analysis report gave a summary of the behavioral indicators observed by the sample, with the ability to pivot to the full Threat Grid report that includes integrated threat intelligence, the ability to download the report, download the sample and interact with the sample in the ‘Glovebox’ feature.

We could also scroll down to the DNS query.

Threat Grid

Providing the network forensics was RSA NetWitness Packets. The RSA team brought in the pre-release code for v11 and added in the Cisco Threat Grid API key for dynamic malware analysis. It was an excellent beta testing environment. The SOC team placed NetWitness Packets into Continuous Monitoring mode, where .exe, .dll, .pdf, .doc, .rtf and other potentially malicious payloads were carved out of the network stream and underwent Static analysis, Network intelligence and Community lookup; before sent to Threat Grid for dynamic malware analysis and additional static analysis. RSA customers can register for a no-cost Threat Grid account within NetWitness, for up to five samples per day for ad hoc analysis.

Many of the samples seen were for trainings, with names such as: evil.exe, bot.exe, payload.exe, my_build.exe, drop.exe and master.exe.

Some interesting behavior was seen in a series of samples injecting code into memory.

I also noticed Remote IP Address Connected and investigated the network stream. Threat Grid is not just a “sandbox” for dynamic analysis, it is a threat intelligence platform that correlates the samples it has analyzed historically and globally. Investigating the IP address destination, we found that a several executables were related in the hard coded command and control (CnC) callback.

The bot.exe sample had similar behavior, but an elevated Threat Score due to the persistence mechanism in the registry.

Likewise, it had code injection into memory and CnC callbacks. Again, we found a family of samples with a shared destination.

Working with the NetWitness team, we were able to investigate the source to the samples and identify the bot.exe upload from a training event, and not an external or lateral attack.

This is the first year the Black Hat conference was completely wireless. The NOC team detected some rouge access points broadcasting the BlackHat SSID and other attempted spoofing. We were successful in our mission to provide a robust, stable and secure network for the Black Hat conference attendees, trainers, presenters and sponsors. I’m looking forward to going to London in December, for Black Hat Europe 2017.


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

All comments in this blog are held for moderation. Your comment will not display until it has been approved