Cisco Live Day 4!

Today was the final and busiest day of Cisco Live 2018, with it being the last day of World of Solutions and also the Appreciation event. I decided I needed to make the most of it so I planned in a packed schedule starting with my first session of the day ‘Penetration Testing for Network Engineers – Know yourself and Enemy’. Now I’m not an out and out ‘Network Engineer’ but in my role as a Technical lead on Cloud and Security at Concorde, I felt it was important to get an insight and build up my knowledge on Penetration testing as well as some of the challenges that come with it.

Some of the facts in this session were a bit hard to comprehend like it is understood that at the rate we are going there will be 500 Billion IoT devices in the World by 2030. When I thought about that number of devices and how would it be possible to ensure all of them are secure and protected it did start to hurt my head a little. There was also a lot of information in this session around companies that have tried and failed to secure their devices within their network and the amount of companies that have been hit with some sort of Cyber/Ransomware attack in the last 12 months is very high, and growing every day.

As a company what options do you have? Option 1 would be ‘Hope that someone else fixes it’, or the wait and hope approach as I like to call it. Option 2, however, is to ‘validate what is going on’. By doing an audit, assessment and a final Pentest on your perimeter network you can ensure the safety of your environment, and if there are any gaps you’re in a position to close them. Why wait until after the fact of an attack to sort it when we can be proactive? I really found this session to be full of valuable information and it gave me more of an insight into the value of PenTesting.

As I mentioned before I wanted to make sure I didn’t waste my final day at Cisco Live so after a short 30-minute coffee break I was straight into my second session ‘FirePower Platform Deep Dive’.

Firepower slide

Currently, my only experience with FirePower has been with it working with an ASA firewall but since then it has developed into its own product line now which is rich with features. In this sessions title you will also notice the word ‘Platform’ this is another example of a recurring theme from this week, that Cisco is no longer doing ‘Solutions’, but ‘Platforms’. As the name suggests this session was very technical right from the start and gave a lot of good information around the different hardware models and the software that runs them. The one thing I didn’t like during this session was the version of CLI in the product as it was different from the traditional Cisco CLI we all know and love. This one, however, was more based on XML. The product does have a great friendly user interface but I was disappointed with the CLI being made different as 98% of the Cisco product range uses the same CLI, why change it for random appliance ranges?

The 3 hardware products within the FirePower range are the 9300, 4100 and 2100 with the 9300 being the more top end model down to 2100 being the more entry-level model. As with most Security appliances, these are all policy based, and as mentioned earlier the session was very technical and went deep into the Architecture of the device including the underlying software that runs it as well as the licensing model.

models.jpg

After this session, I had an hour break until my next Session so I decided to head down to the World of Solutions for one last time. Similar to my last few visits I just walked around, however, there was one stand which took my interest which was a company called ‘ScienceLogic’ – Hybrid IT service Assurance. Their product is an MSP level monitoring tool but instead of it being probe based on a lot of Monitoring platforms out there it is API based. This means no agent needs to be installed on the local infrastructure, and it has a multi-vendor support so it can monitor a host of different devices makes and models. If I’m honest a lot of the information on the stand was ‘Marketing’ based, but I did have a very insightful chat with the brilliant stand team members. However I am someone who needs to ‘see it to believe it’, so we exchanged information and my hope is to do a webinar demo on this product in the very near future!

The final session on day 4, and sadly the week for me (still have the closing Keynote and the NOC panel discussion tomorrow), was ‘Cloud Managed Mobility with Meraki & EMM’. With this session, I was more interested in the ‘Enterprise Mobility Management’ part as I am already familiar with Meraki and its products range. The one surprise for this session was that rather than spend 2 hours talking the presenter decided to do a ‘Live Demo’. This was a great contrast from over sessions, where they had done some demoing but none of it lives and off the cuff, and it made for some interesting viewing. As we all know, when it comes to living events something is always bound to go wrong, and this demo was no different. However what made it great for me was that the presenter was having a real-life issue that 99% of the people in the audience would possibly have if they were doing this back in the office, and it was great to see how a Meraki specialist handled overcoming that issue. The Enterprise Mobility manager with the Systems managers looks like a great tool within the Meraki Dashboard which allows customers to manage and protect their devices using policies and tags. With more and more customers evolving towards BYOD, tools like this are ideal for ensuring those devices are compliant with your company policies.meraki-slide.jpg

 

The 4th day was now coming to a close and all that was left before the Appreciation evening was the Closing Keynote with Guest speaker Burce Dickinson, lead singer of Iron Maiden! Now they are a bit before my time so I wasn’t overly sure who he was but he shared many of his life experiences including a lot of the businesses he has run in the past, including ownership of an Airline! Unlike the opening keynote this was not really based on a Cisco message or content, but more of an inspirational talk which was still a fitting end to the day.

rudamental

The Appreciation night kicked off with the sound of very loud drums which was followed by a great night of ‘food, drink, dance and repeat’. For more highlights of the day, don’t forget to check out my twitter feed @shabazdarr and Concorde’s feed @concordeTG. The final summary blog of the week will be released early next week so please keep your eyes peeled for that!

Shabaz Darr

 

Author: Shabaz Darr, Senior Professional Services Consultant at Concorde Technology Group

Cisco Live Day 3!

My day 3 started off a little bit later than usual as my first session wasn’t until the late morning where I attended ‘Security Monitoring with Stealthwatch: The detailed Walkthrough’. This session was based around a product I have heard of and read much about before but I have not had any hands-on experience, so my hope was that this detailed walkthrough would be a good starting point for me to get a closer look at this product and what it can offer.

One recurring theme and question I have seen throughout the last few days is how do we get the most out of our data?. Every day we are collecting all of this data that comes into our network, but how do we make it relevant and actionable?. The purpose of this seminar was to show how Stealthwatch can help make your data relevant and usable as to allow the customer to analyse potential threats and learn how to prevent them from entering your network.

Once the overview of the product was finished I felt that a lot of the detailed information was lost on me, it seemed to be more aimed at people who already use Stealthwatch but want to get more from the product. I did, however, take a lot away from this session and for moving forward I would like to create some time to run this in one of the hands-on labs over the next few days.

After a short coffee break, it was straight into session two for: ‘Best practises to deploy high-availability in Wireless LAN Architecture’.

 

seminar.JPG

This was a session I was really looking forward to as I already know a lot about Cisco’s Wireless range, and for me being able to understand how to make it highly available was a big bonus. The session did not disappoint, and after going through the introduction and current product range we started taking a closer look at the considerations around HA. One quote the presenter made which hit home for me was ‘Site Survey, site survey, site survey’. Too often I feel customers don’t realise the importance of doing a site survey and they see it as a waste of money, however, these surveys enable us to understand the environment and ensure we can implement a robust solution to fit their environments landscape.

My three main takeaways from this session are:

  • HA for Wireless is a multi-level approach
  • The solution you choose is based on the amount of downtime that is acceptable for your customers business application
  • SSO on the controller eliminates the network downtime upon a controller failure

With back to back sessions, I decided to head down to the HUB for some lunch and a look at what labs were available today. I was hoping to do one on Stealthwatch, however, that was not on the list for today, and with nothing else taking my fancy, I decided to head over to the DevNet Sandboxed labs to go through some of my CCNA labs.

My final session of the day was ‘Security Meets SD-WAN with the Cisco Meraki MX’. I have done many Meraki installations over the last few years, so the MX was something I was looking forward to learning a bit more about. For those who are not aware of Meraki, it offers a complete Cloud managed network solution for Wireless, switching, security, SD-WAN, Communications and even security cameras. My own experience is that Meraki is more known for its Wireless products and I feel Cisco Meraki has not promoted/marketed the other ranges as much as they could have done. I have however have seen a change in recent months and feel this year could see a big increase in the Meraki portfolio sales.

The main benefits of a cloud-managed solution are:

  • Security
  • Reliability
  • Scalability
  • Future proofing

In my opinion, the two key elements are the last two listed, as with hardware and on-premises solutions it can be sometimes difficult and costly to upscale and ensure you future proof due to hardware constraints. One thing I was not aware of until this session was that Meraki Cloud is backed by Cisco Talos threat intelligence, which for me is massive. Not only does it increase the cloud security but means it is always getting threat updates and learning. In addition to the IPS and Advanced Malware protection, Cisco Meraki is ensuring that their Cloud Platform is secure and has the capabilities to stays secure in the future. Again another theme for me this week is the real world examples, and this session was no different. For me, it added that bit of realism to the product that I needed to believe in what I was being told in the session. The 2nd half of the session got more into the technical aspects of the SD WAN deployment which was the new part for me along with the in-depth Event and URL logs which I was very impressed with.

That wraps up my take on day three. I must admit the amount of walking was really starting to take its toll so I was starting to tire towards the end of the day, however, I have once again taken so much away from my seminars today as well as the labs I did. For more information on the day take a look at my twitter feed @shabazdarr and Concorde Technologies feed @concordeTG

Shabaz Darr

 

Author: Shabaz Darr, Senior Professional Services Consultant at Concorde Technology Group