These are the slides used in the Live Webinar August 3, 2016 at 10:00 am Pacific Time / 1:00 pm Eastern Time. You can listen/watch the replay of that show at techwisetv.com. Just click on 'workshops.' The TechWiseTV Episode is also on that site or on YouTube at https://youtu.be/zZHRLsaKD3U
Demos to checkout:
ISE Streamlined Visibility: https://communities.cisco.com/videos/15260
ISE Context Visibility: https://communities.cisco.com/videos/15264
ISE EasyConnect: https://communities.cisco.com/videos/15285
ISE Threat-centric NAC (AMP): https://communities.cisco.com/videos/15269
ISE Threat-centric NAC (Qualys): https://communities.cisco.com/videos/15270
TechWiseTV Workshop: Cisco Stealthwatch and ISERobb Boyd
Replay the live event: http://cs.co/90008z2Ar
Learn how your existing Cisco network can help you to know exactly who is doing what on the network with end-to-end visibility, differentiate anomalies from normal behavior with contextual threat intelligence and stop threats and mitigate risk with one-click containment of users and devices.
It’s time for the network to protect itself. Please make time for this important workshop.
Resources:
Watch the Cisco Stealthwatch and ISE full episode: http://cs.co/90008z24M
Network as a Sensor-Enforcer on CCO:
http://www.cisco.com/c/en/us/solutions/enterprise-networks/enterprise-network-security/net-sensor.html
Cisco ISE Community
http://cs.co/ise-community
Replay the Live Event: http://cs.co/90068G6ln
Get an inside look at how Stealthwatch Learning Network License can transform your branch network router into a powerful security sensor and enforcer: one capable of quickly detecting threat activity and mitigating attacks, with little to no hands-on management needed.
Don’t miss this opportunity to hear from our security experts.
See the Stealthwatch Learning Network License TechWiseTV Episode: http://cs.co/90048G6WY
Cisco Network Insider: Three Ways to Secure your NetworkRobb Boyd
These are the slides from our Tuesday Jun 14, 2016 webinar featuring three building block technologies for quickly adding a ton of value to your security efforts.
Watch the Replay: http://bit.ly/1UhUZ1J
We covered:
- Identity Services Engine (ISE)- visibility and control…along with a solid set of sharing capabilities. Using ISE you can see the device types and control access to the network – and share what they see with Stealthwatch.
- Stealthwatch - Visibility with even more network elements…work in conjunction with ISE but adds behavioral analysis Using Stealthwatch you can see the behaviors of the devices and determine if they are infected with malware or ransomware – and then use the network to take action to contain from a single screen.
- Cisco Defense Orchestrator (CDO) - Cloud platform that analyzes security policy configurations for Cisco ASA Firewalls and OpenDNS. It identifies and resolves policy inconsistencies, models policy changes to validate their impact, and orchestrates policy changes to achieve consistency and clarity of your security posture.
TechWiseTV Workshop: Q&A OpenDNS and AnyConnect Robb Boyd
Cisco plans to further integrate OpenDNS with its other security tools acquired through mergers and acquisitions. OpenDNS cannot directly block URLs based on geographic location but can identify suspicious destinations based on geo-related factors. To use the full capabilities discussed, a customer needs AnyConnect Plus or Apex software subscriptions as well as a separate Umbrella subscription, though the Umbrella Roaming Client provides standalone DNS redirection. AnyConnect Plus and Apex licenses can also be applied to ASA Service Modules.
Watch the TechWiseTV Episode: http://cs.co/9001Bvqpz
Watch the workshop replay: http://bit.ly/2bAsxby
See how the latest evolution of Cisco TrustSec helps protect critical assets by extending and enforcing policies anywhere in your network. Go in-depth with how Cisco TrustSec simplifies your network security with software-defined segmentation.
Cisco Identity Services Engine (ISE) is a next-generation identity and access control policy platform that enables enterprises to enforce compliance, enhance infrastructure security, and streamline service operations. It determines whether users are accessing the network on authorized devices, establishes user identity and context, and assigns services based on user attributes. ISE provides comprehensive secure access, increases productivity, and reduces operations costs through centralized policy control, visibility, automated provisioning, and guest access management.
Текториал по тематике информационной безопасности Cisco Russia
The document discusses best practices for deploying and optimizing Cisco Identity Services Engine (ISE). It provides an overview of key ISE features in version 1.4, including enhancements to guest access, profiling, and load balancing. The presentation aims to help engineers implement ISE using best practices to ensure scalability, performance, and redundancy.
The document provides best practices for Cisco Identity Services Engine (ISE) configurations. It discusses recommendations for wired and wireless dot1x configurations, redirected flows, upgrading to ISE 2.0, and configuring mobile device management (MDM) authorization policies across different ISE versions. Key recommendations include enabling radius server dead detection, using policy sets to optimize policy lookups, and configuring separate authorization policies for MDM redirection and registered devices.
TechWiseTV Workshop: Cisco Stealthwatch and ISERobb Boyd
Replay the live event: http://cs.co/90008z2Ar
Learn how your existing Cisco network can help you to know exactly who is doing what on the network with end-to-end visibility, differentiate anomalies from normal behavior with contextual threat intelligence and stop threats and mitigate risk with one-click containment of users and devices.
It’s time for the network to protect itself. Please make time for this important workshop.
Resources:
Watch the Cisco Stealthwatch and ISE full episode: http://cs.co/90008z24M
Network as a Sensor-Enforcer on CCO:
http://www.cisco.com/c/en/us/solutions/enterprise-networks/enterprise-network-security/net-sensor.html
Cisco ISE Community
http://cs.co/ise-community
Replay the Live Event: http://cs.co/90068G6ln
Get an inside look at how Stealthwatch Learning Network License can transform your branch network router into a powerful security sensor and enforcer: one capable of quickly detecting threat activity and mitigating attacks, with little to no hands-on management needed.
Don’t miss this opportunity to hear from our security experts.
See the Stealthwatch Learning Network License TechWiseTV Episode: http://cs.co/90048G6WY
Cisco Network Insider: Three Ways to Secure your NetworkRobb Boyd
These are the slides from our Tuesday Jun 14, 2016 webinar featuring three building block technologies for quickly adding a ton of value to your security efforts.
Watch the Replay: http://bit.ly/1UhUZ1J
We covered:
- Identity Services Engine (ISE)- visibility and control…along with a solid set of sharing capabilities. Using ISE you can see the device types and control access to the network – and share what they see with Stealthwatch.
- Stealthwatch - Visibility with even more network elements…work in conjunction with ISE but adds behavioral analysis Using Stealthwatch you can see the behaviors of the devices and determine if they are infected with malware or ransomware – and then use the network to take action to contain from a single screen.
- Cisco Defense Orchestrator (CDO) - Cloud platform that analyzes security policy configurations for Cisco ASA Firewalls and OpenDNS. It identifies and resolves policy inconsistencies, models policy changes to validate their impact, and orchestrates policy changes to achieve consistency and clarity of your security posture.
TechWiseTV Workshop: Q&A OpenDNS and AnyConnect Robb Boyd
Cisco plans to further integrate OpenDNS with its other security tools acquired through mergers and acquisitions. OpenDNS cannot directly block URLs based on geographic location but can identify suspicious destinations based on geo-related factors. To use the full capabilities discussed, a customer needs AnyConnect Plus or Apex software subscriptions as well as a separate Umbrella subscription, though the Umbrella Roaming Client provides standalone DNS redirection. AnyConnect Plus and Apex licenses can also be applied to ASA Service Modules.
Watch the TechWiseTV Episode: http://cs.co/9001Bvqpz
Watch the workshop replay: http://bit.ly/2bAsxby
See how the latest evolution of Cisco TrustSec helps protect critical assets by extending and enforcing policies anywhere in your network. Go in-depth with how Cisco TrustSec simplifies your network security with software-defined segmentation.
Cisco Identity Services Engine (ISE) is a next-generation identity and access control policy platform that enables enterprises to enforce compliance, enhance infrastructure security, and streamline service operations. It determines whether users are accessing the network on authorized devices, establishes user identity and context, and assigns services based on user attributes. ISE provides comprehensive secure access, increases productivity, and reduces operations costs through centralized policy control, visibility, automated provisioning, and guest access management.
Текториал по тематике информационной безопасности Cisco Russia
The document discusses best practices for deploying and optimizing Cisco Identity Services Engine (ISE). It provides an overview of key ISE features in version 1.4, including enhancements to guest access, profiling, and load balancing. The presentation aims to help engineers implement ISE using best practices to ensure scalability, performance, and redundancy.
The document provides best practices for Cisco Identity Services Engine (ISE) configurations. It discusses recommendations for wired and wireless dot1x configurations, redirected flows, upgrading to ISE 2.0, and configuring mobile device management (MDM) authorization policies across different ISE versions. Key recommendations include enabling radius server dead detection, using policy sets to optimize policy lookups, and configuring separate authorization policies for MDM redirection and registered devices.
Cisco Identity Services Engine (ISE) is a centralized access control and policy management solution that can automate secure access to network resources. It profiles users and devices, authenticates network access, enforces security policy, and shares contextual data across the IT infrastructure. ISE provides capabilities for guest access management, secure BYOD onboarding, network access control, software-defined segmentation with Cisco TrustSec, and visibility/context sharing through its pxGrid technology. It supports a wide range of use cases including guest access, BYOD, network access, device administration, and compliance.
Cisco ISE provides comprehensive secure access through device profiling, posture assessment, and contextual identity to apply appropriate network access policies. It centrally manages policy enforcement on wired, wireless and VPN networks to increase security, productivity and operational efficiency. Cisco ISE automates user onboarding and ensures compliant devices receive network access while improperly postured devices are remediated.
Identity Services Engine Overview and UpdateCisco Canada
Cisco Identity Services Engine (ISE) provides an all-in-one solution for secure access across wired, wireless, and VPN networks. It replaces separate AAA, RADIUS, NAC, guest management, and device identity servers with a single platform for centralized policy management and visibility. ISE enforces dynamic access control policies based on user, device, location, and other context to protect networks and simplify security.
This session explains how the combination of IEEE 802.1AE (data link encryption) with the power of Session Group Tags achieves trusted security in a network. It covers the protocols details as well as use case and more importantly how CTS can be deployed in a network. This session is targeted mainly to enterprise customers.
Threats have never been more relevant than they are today. Nation states, adversaries, corporate and government espionage, hackers, etc. are all on the hunt for valuable information. The information they seek includes enterprise and individual details. Networks are only as secure as their weakest components. With the hyper-growth in connected devices including smart phones, tablets, wearables and Internet of Things (IoT) devices, networks are very vulnerable.
Cisco Secure Access Control System (ACS) and Cisco Identity Services Engine (ISE) are two technologies for network access control and security policy management. ACS provides centralized management of access policies for wired, wireless, and remote network access using RADIUS/TACACS+ protocols. It supports flexible authentication methods and integration with external identity stores. ISE combines authentication, authorization, accounting, posture assessment, and device profiling into one appliance. It provides enhanced features such as source group tagging, guest access management, and scalability for large enterprise deployments. ISE offers improved visibility, context-aware security policies, and integration with other systems through protocols like pxGrid.
Replay the Live Event: http://cs.co/90098Be7h
See firsthand how Cisco Tetration Analytics uses unsupervised machine learning and behavior analysis, along with advanced algorithmic approaches, to provide unprecedented insight into IT infrastructure.
Don’t miss this chance to get an up-close look at the analytics platform that lets you see and know exactly what’s happening in any application, any flow, anywhere in your data center—all in a matter of seconds.
See the Tetration Analytics TechWiseTV Episode: http://cs.co/90048BefC
Cisco Trustsec & Security Group TaggingCisco Canada
This presentation covers the protocols and functions that create a trusted network. We will discuss the best practices when deploying this tagging ability using campus switches including migration techniques from non-SGT capable to devices to a fully SGT capable network deployment. For more information please visit our website here: http://www.cisco.com/web/CA/index.html
TechWiseTV Workshop: OpenDNS and AnyConnectRobb Boyd
Join this in-depth look and detailed demonstration of the OpenDNS Umbrella integration with AnyConnect and how it really can stop most threats before they become serious problems, protecting users anywhere they go, even when the VPN is off.
Watch the workshop replay: http://bit.ly/2bPT1ax
Watch the Video: http://bit.ly/2c60obv
Operational Complexity: The Biggest Security Threat to Your AWS EnvironmentCryptzone
Managing tightly-controlled user access in AWS is complex. And complexity leads to errors and sloppiness. There are six main reasons why this operational complexity is the biggest security threat to your AWS Environment. Paul Campaniello at Cryptzone discusses in this eBook.
The document discusses Cisco Stealthwatch and its capabilities for network visibility and security. Stealthwatch collects network flow data from switches, routers, firewalls, and other devices using technologies like NetFlow. It analyzes the flows to provide visibility into network traffic, detect threats, and enable incident response. It also discusses encrypted traffic analysis capabilities that can analyze encrypted flows by examining packet lengths, times, and byte distributions without decrypting the actual content.
Cisco Meraki offers a complete cloud-managed IT solution including wireless, switching, security, mobility management, and communications products. All products are centrally managed through a web-based dashboard for ease of deployment and management. Meraki provides these solutions to over 60 service providers globally to offer turnkey managed services for small and medium businesses as well as bespoke enterprise solutions. Key benefits of Meraki for service providers include simplified deployment, differentiated service offerings, and increased profit margins.
Cisco Wireless LAN Controller Palo Alto Networks Config GuideAlberto Rivai
The document provides a configuration guide for integrating Cisco WLC 5500, Kiwi Syslogd, and Palo Alto Networks PAN-OS 6.1 to collect user authentication syslog messages from the Cisco WLC and map users to IP addresses in PAN-OS for use in security policies. It outlines configuring the Cisco WLC to send SNMP traps containing authentication information to Kiwi Syslogd, and Kiwi Syslogd to convert and forward the traps to the PAN-OS syslog receiver. It then details the necessary configuration steps in PAN-OS to define a syslog filter to parse and extract the user and IP address from the incoming syslog messages.
Your network holds the key to defending your organization. The Cisco switches, routers, and wireless solutions you deploy can complement and empower your security systems. Cisco provides a broad portfolio of capabilities to improve your defenses across the entire attack continuum. This presentation outlines how you can use your network as a sensor to protect your data, your customers, and your reputation.
Register to Watch Webcast: http://cs.co/9003CRsH
Join the Conversation: http://cs.co/9008CRt6
The document summarizes Cisco Advanced Malware Protection (AMP) for Meraki MX, which provides comprehensive security and advanced threat protection across networks. It gives organizations visibility into threats across multiple locations, simplifies security management with a cloud-based platform, and helps quickly detect, analyze and remediate breaches. Key benefits include reduced time to detection of threats, continuous file monitoring, retrospective alerting, advanced malware analysis, and simplified security management from one central location.
The Software-Defined Perimeter: Securing Network Access for the Modern WorkforcePerimeter 81
With the rise of cloud computing, Wi-Fi hotspots and the mobile workforce, the way we work has fundamentally changed. The complex, hardware-based and distributed legacy VPN technology of the past, is no longer relevant for today. Luckily, the emergence of cloud-based VPN and software-defined perimeter technology offers businesses the ability to protect critical company resources—based on-premise and in the cloud—in a simple and seamless way.
Sasa milic, cisco advanced malware protectionDejan Jeremic
Cisco Advanced Malware Protection uses a combination of techniques including signatures, machine learning, dynamic analysis, and behavioral analytics to both prevent known threats and detect previously unknown threats retrospectively. It provides security for networks, endpoints, and mobile devices through a cloud-based platform that shares threat intelligence between Cisco and its customers.
La solución propuesta implementaría redes inalámbricas 802.11n en 6 facultades de la UCV usando puntos de acceso Cisco y un controlador inalámbrico Cisco. El sitio survey identificó la necesidad de 126 puntos de acceso y 5 controladores, con un costo total aproximado de $725,000. Próximos pasos incluyen validar permisos de instalación, ajustar costos de adecuación e implementación, y elaborar una propuesta y especificaciones técnicas detalladas.
ReadyCloud Collaboration, a Cisco Powered serviceGen-i
The document discusses five essentials for implementing bring your own device (BYOD) in a business: unified network access, identity and policy management, security and remote access, applications, and management. It provides an overview of Cisco products and solutions that can help businesses achieve flexibility and control with BYOD, including tools for network access, identity management, security, and monitoring/troubleshooting BYOD environments. The document also outlines strategies for onboarding user devices and controlling applications and network access based on user, device, location, and time factors.
Cisco Identity Services Engine (ISE) is a centralized access control and policy management solution that can automate secure access to network resources. It profiles users and devices, authenticates network access, enforces security policy, and shares contextual data across the IT infrastructure. ISE provides capabilities for guest access management, secure BYOD onboarding, network access control, software-defined segmentation with Cisco TrustSec, and visibility/context sharing through its pxGrid technology. It supports a wide range of use cases including guest access, BYOD, network access, device administration, and compliance.
Cisco ISE provides comprehensive secure access through device profiling, posture assessment, and contextual identity to apply appropriate network access policies. It centrally manages policy enforcement on wired, wireless and VPN networks to increase security, productivity and operational efficiency. Cisco ISE automates user onboarding and ensures compliant devices receive network access while improperly postured devices are remediated.
Identity Services Engine Overview and UpdateCisco Canada
Cisco Identity Services Engine (ISE) provides an all-in-one solution for secure access across wired, wireless, and VPN networks. It replaces separate AAA, RADIUS, NAC, guest management, and device identity servers with a single platform for centralized policy management and visibility. ISE enforces dynamic access control policies based on user, device, location, and other context to protect networks and simplify security.
This session explains how the combination of IEEE 802.1AE (data link encryption) with the power of Session Group Tags achieves trusted security in a network. It covers the protocols details as well as use case and more importantly how CTS can be deployed in a network. This session is targeted mainly to enterprise customers.
Threats have never been more relevant than they are today. Nation states, adversaries, corporate and government espionage, hackers, etc. are all on the hunt for valuable information. The information they seek includes enterprise and individual details. Networks are only as secure as their weakest components. With the hyper-growth in connected devices including smart phones, tablets, wearables and Internet of Things (IoT) devices, networks are very vulnerable.
Cisco Secure Access Control System (ACS) and Cisco Identity Services Engine (ISE) are two technologies for network access control and security policy management. ACS provides centralized management of access policies for wired, wireless, and remote network access using RADIUS/TACACS+ protocols. It supports flexible authentication methods and integration with external identity stores. ISE combines authentication, authorization, accounting, posture assessment, and device profiling into one appliance. It provides enhanced features such as source group tagging, guest access management, and scalability for large enterprise deployments. ISE offers improved visibility, context-aware security policies, and integration with other systems through protocols like pxGrid.
Replay the Live Event: http://cs.co/90098Be7h
See firsthand how Cisco Tetration Analytics uses unsupervised machine learning and behavior analysis, along with advanced algorithmic approaches, to provide unprecedented insight into IT infrastructure.
Don’t miss this chance to get an up-close look at the analytics platform that lets you see and know exactly what’s happening in any application, any flow, anywhere in your data center—all in a matter of seconds.
See the Tetration Analytics TechWiseTV Episode: http://cs.co/90048BefC
Cisco Trustsec & Security Group TaggingCisco Canada
This presentation covers the protocols and functions that create a trusted network. We will discuss the best practices when deploying this tagging ability using campus switches including migration techniques from non-SGT capable to devices to a fully SGT capable network deployment. For more information please visit our website here: http://www.cisco.com/web/CA/index.html
TechWiseTV Workshop: OpenDNS and AnyConnectRobb Boyd
Join this in-depth look and detailed demonstration of the OpenDNS Umbrella integration with AnyConnect and how it really can stop most threats before they become serious problems, protecting users anywhere they go, even when the VPN is off.
Watch the workshop replay: http://bit.ly/2bPT1ax
Watch the Video: http://bit.ly/2c60obv
Operational Complexity: The Biggest Security Threat to Your AWS EnvironmentCryptzone
Managing tightly-controlled user access in AWS is complex. And complexity leads to errors and sloppiness. There are six main reasons why this operational complexity is the biggest security threat to your AWS Environment. Paul Campaniello at Cryptzone discusses in this eBook.
The document discusses Cisco Stealthwatch and its capabilities for network visibility and security. Stealthwatch collects network flow data from switches, routers, firewalls, and other devices using technologies like NetFlow. It analyzes the flows to provide visibility into network traffic, detect threats, and enable incident response. It also discusses encrypted traffic analysis capabilities that can analyze encrypted flows by examining packet lengths, times, and byte distributions without decrypting the actual content.
Cisco Meraki offers a complete cloud-managed IT solution including wireless, switching, security, mobility management, and communications products. All products are centrally managed through a web-based dashboard for ease of deployment and management. Meraki provides these solutions to over 60 service providers globally to offer turnkey managed services for small and medium businesses as well as bespoke enterprise solutions. Key benefits of Meraki for service providers include simplified deployment, differentiated service offerings, and increased profit margins.
Cisco Wireless LAN Controller Palo Alto Networks Config GuideAlberto Rivai
The document provides a configuration guide for integrating Cisco WLC 5500, Kiwi Syslogd, and Palo Alto Networks PAN-OS 6.1 to collect user authentication syslog messages from the Cisco WLC and map users to IP addresses in PAN-OS for use in security policies. It outlines configuring the Cisco WLC to send SNMP traps containing authentication information to Kiwi Syslogd, and Kiwi Syslogd to convert and forward the traps to the PAN-OS syslog receiver. It then details the necessary configuration steps in PAN-OS to define a syslog filter to parse and extract the user and IP address from the incoming syslog messages.
Your network holds the key to defending your organization. The Cisco switches, routers, and wireless solutions you deploy can complement and empower your security systems. Cisco provides a broad portfolio of capabilities to improve your defenses across the entire attack continuum. This presentation outlines how you can use your network as a sensor to protect your data, your customers, and your reputation.
Register to Watch Webcast: http://cs.co/9003CRsH
Join the Conversation: http://cs.co/9008CRt6
The document summarizes Cisco Advanced Malware Protection (AMP) for Meraki MX, which provides comprehensive security and advanced threat protection across networks. It gives organizations visibility into threats across multiple locations, simplifies security management with a cloud-based platform, and helps quickly detect, analyze and remediate breaches. Key benefits include reduced time to detection of threats, continuous file monitoring, retrospective alerting, advanced malware analysis, and simplified security management from one central location.
The Software-Defined Perimeter: Securing Network Access for the Modern WorkforcePerimeter 81
With the rise of cloud computing, Wi-Fi hotspots and the mobile workforce, the way we work has fundamentally changed. The complex, hardware-based and distributed legacy VPN technology of the past, is no longer relevant for today. Luckily, the emergence of cloud-based VPN and software-defined perimeter technology offers businesses the ability to protect critical company resources—based on-premise and in the cloud—in a simple and seamless way.
Sasa milic, cisco advanced malware protectionDejan Jeremic
Cisco Advanced Malware Protection uses a combination of techniques including signatures, machine learning, dynamic analysis, and behavioral analytics to both prevent known threats and detect previously unknown threats retrospectively. It provides security for networks, endpoints, and mobile devices through a cloud-based platform that shares threat intelligence between Cisco and its customers.
La solución propuesta implementaría redes inalámbricas 802.11n en 6 facultades de la UCV usando puntos de acceso Cisco y un controlador inalámbrico Cisco. El sitio survey identificó la necesidad de 126 puntos de acceso y 5 controladores, con un costo total aproximado de $725,000. Próximos pasos incluyen validar permisos de instalación, ajustar costos de adecuación e implementación, y elaborar una propuesta y especificaciones técnicas detalladas.
ReadyCloud Collaboration, a Cisco Powered serviceGen-i
The document discusses five essentials for implementing bring your own device (BYOD) in a business: unified network access, identity and policy management, security and remote access, applications, and management. It provides an overview of Cisco products and solutions that can help businesses achieve flexibility and control with BYOD, including tools for network access, identity management, security, and monitoring/troubleshooting BYOD environments. The document also outlines strategies for onboarding user devices and controlling applications and network access based on user, device, location, and time factors.
Punahou school maintains a secure and open campus with cisco - case studyCisco Mobility
The new solutions in place at Punahou School connect people, processes, data,
and things better than ever. This is the Internet of Everything (IoE). The original
Cisco Wireless network has grown to more than 300 access points. Cisco Unified
Communications solutions, including Cisco Unity® voicemail and Cisco Unified
IP phones are also connected, giving the school complete visibility to a common
platform. Wireless door locks and the accompanying software are connected to
the network, helping the school manage operations more efficiently. The school
can access and manage its photovoltaic sensors, which generate solar power
for the school from the network. Campus lighting and heating, ventilating, and
air conditioning (HVAC) systems connect through a VPN and Cisco firewalls for
secure remote controllability.
Learn more: http://www.cisco.com/web/about/success-stories/docs/punahou-school.html
onePK is an easy-to-use toolkit for development, automation, rapid service creation and more. It enables you to access the valuable data inside your network via easy-to-use APIs.
Build or extend applications across your routers and switches, to servers and new business platforms. Automate current services or create new ones on demand, when and where you need them and faster than ever. onePK makes your network more powerful and flexible while giving you the control you need.
http://ebrahma.com
[IoT World Forum Webinar] Review of CMX Cisco technologyBeMyApp
Cisco's CMX provides location detection, visibility, and engagement capabilities through Wi-Fi, BLE, and video technologies. It uses the MSE for location calculation and WLC/APs to collect client RSSI data. The CMX Mobile App Server hosts applications and Notification Receivers subscribe to location events. CMX's REST API allows extracting real-time location data for various use cases like improving customer experience in retail, banking, hospitality, and healthcare industries.
El sistema de certificaciones de Cisco SystemsEducática
Presentación gráfica y sintética, no exhaustiva, del sistema de certificaciones de Cisco Systems, sus pre-requisitos y el esquema de recertificaciones.
Sugiero que en todos los casos complete la información y la actualice ingresando al sitio oficial de Cisco: www.cisco.com/go/certificationes
This document summarizes several attacks against platform firmware and secure boot. It describes attacks that modify the platform key in NVRAM to disable secure boot, modify the image verification policies to bypass signature checks, exploit confusion between PE and TE file formats to skip signature verification, and corrupt the "Setup" UEFI variable to potentially brick the system. The attacks demonstrate vulnerabilities in how some firmware implementations store and handle sensitive secure boot configuration data in non-volatile variables.
BIOS and UEFI are types of firmware that control the boot process. BIOS uses the MBR partition table and boots by loading the MBR, then the partition bootsector. UEFI uses the GPT partition table and ESP partition, and its boot manager loads UEFI drivers and bootloaders. Secure Boot is an UEFI extension that verifies signatures of boot components for security.
Presentación Guía Preparación CCNA R&S 200-120 versión 5.1Educática
Power Point utilizado en la presentación de la versión 5.1 de la Guía de Preparación para el examen de certificación CCNA R&S 200-120 de Oscar Gerometta.
Para mayor información consultar en: http://librosnetworking.blogspot.com.ar/2015/01/guia-de-preparacion-ccna-r-200-120-v51.html
This document discusses the differences between BIOS and UEFI firmware interfaces that initialize hardware and boot operating systems on computers. BIOS has been used for over 25 years but has limitations. UEFI was created in 2005 to replace BIOS and overcome its limitations. UEFI supports larger disk sizes and partitions, a graphical interface, and can be programmed in C/C++, while BIOS is programmed in hex/assembly and has a non-graphical interface. The document recommends writing a program to test if a computer is booted using the legacy BIOS or newer UEFI firmware interface.
Internet of Everything Case Study: Punahou SchoolCisco Mobility
Maintaining a Highly Secure and Open Campus
Honolulu-based Punahou School is the largest coeducational, independent K-12 school on a single campus in the United States.
Challenge
- Continue to extend and enhance safety on campus
- Expand deployment of IP video security cameras while improving coverage and image quality
- Continue public use of the campus without compromising safety
Solution
- Cisco Connected Safety and Security Solutions
- Video surveillance software on Cisco Unified Computing System (UCS)
- Solutions built on the existing Cisco switched and wireless networks
Outcome
- Improved communication, safety, and emergency response
- Improved processes, operational efficiency, and access to data through the Internet of Everything
- Retained the accessibility and openness of the campus while simultaneously enhancing breadth and depth of security measures
Learn more: http://www.cisco.com/web/about/success-stories/docs/punahou-school.html
Cisco Identity Services Engine (ISE) provides a centralized security solution that automates context-aware access to network resources. It allows organizations to (1) gain visibility into devices accessing their network, (2) grant access based on user roles and needs, and (3) share threat information across security tools to improve detection and response capabilities. ISE controls all access from a single interface and integrates with Cisco and third-party solutions to enhance visibility and protection.
Enterprise Architecture, Deployment and Positioning Cisco Russia
The document discusses enterprise network deployment models and Cisco products for each model. It provides an overview of unified access, traditional access, converged access, and instant access deployment models. For each model, it describes the key characteristics and considerations, as well as which Cisco products are best suited as the lead platform. The document also covers topics like Cisco TrustSec for security, application visibility and control, and resiliency features of Cisco Catalyst infrastructure products.
Cisco prime-nms-overview-hi-techdays deep divesolarisyougood
This document discusses Cisco Prime Network Management and its benefits over traditional point-product network management solutions. It provides an overview of Cisco Prime's integrated workflows, common user experience, consolidated management capabilities, and benefits such as reduced costs, accelerated service rollout, and consistent user experience. Key features covered include comprehensive device lifecycle management, deep application visibility and performance assurance, and consolidated reporting and compliance auditing through a single management interface.
Cisco prime-nms-overview-hi-techdays deep divesolarisyougood
This document discusses Cisco Prime Network Management and its benefits over traditional point-product network management solutions. It provides an overview of Cisco Prime's integrated workflows, common user experience, consolidated management capabilities, and support for the full device lifecycle. Key features highlighted include comprehensive device manageability, assurance of application experience and visibility, simplified deployment of Cisco devices, and support for network lifecycle management.
New ThousandEyes Product Features and Release Highlights: July 2023ThousandEyes
The document summarizes new features and product announcements from ThousandEyes. It discusses updates to ThousandEyes for OpenTelemetry including new agent-to-agent tests and HTTP/page load metrics. It also previews the recently released Test Views 2.0 tool for filtering and aggregating test data. Additional announcements included plans to integrate ThousandEyes agents onto Meraki SD-WAN devices and Webex RoomOS devices to provide network visibility from those locations. Finally, it discussed upcoming enhancements to provide AWS network path details to help with cloud connectivity issues.
New ThousandEyes Product Features and Release Highlights: June 2023ThousandEyes
ThousandEyes held a quarterly webinar in March 2023 to showcase new product features and release highlights. They discussed updates to ThousandEyes for OpenTelemetry including additional test types and use cases. ThousandEyes also announced product integrations with Meraki MX devices, Webex RoomOS devices, and AWS network path enrichment to expand visibility and insights. The webinar provided demos of new features like Test Views 2.0 and encouraged attendees to review resources on their website and social channels for more information.
Cisco connect winnipeg 2018 simple it leads to simple it managementCisco Canada
The document discusses Cisco's vision for a simplified IT management approach through a digital platform. Some key points:
- Cisco aims to simplify IT through a platform approach that delivers applications/services consistently across clouds, is extensible and open.
- The platform focuses on ubiquitous connectivity, actionable insights, secure data, simplified user experiences, and flexibility in consuming/deploying IT assets.
- Automation enabled by APIs and data-driven models allows consistent experiences and programmatic actions to simplify operations.
Are you facing some, or all, of these challenges?
-Host Mobility (w/o stretching VLANs)
-Network Segmentation (w/o implementing MPLS)
-Roles-based Access Control (w/o end-to-end TrustSec)
-Common Policy for Wired and Wireless (w/o multiple tools)
Using Cisco technologies already available today, you can overcome these challenges and build an evolved Campus network to better meet your business objectives.
Gartner report on Cisco TrustSec assessing technical components, interoperability considerations, Cisco’s progress in implementing support across product lines and customer deployment experiences.
This document discusses Cisco's approach to simplifying IT management through a digital platform. It outlines Cisco's principles of delivering ubiquitous connectivity, actionable insights, secure data, simplified experiences, flexibility in consumption and enhancing collaboration. It describes Cisco's focus on analytics, automation, security and compliance. The document argues that APIs enable programmable automation to drive simplification. It provides examples of how telemetry data and APIs can improve help desk troubleshooting. Finally, it positions Cisco as delivering the digital platform through a focus on security, experience, automation, analytics and an abstracted policy-driven approach.
Cisco integrated system for microsoft azure stackAymen Mami
This document discusses the Cisco Integrated System for Microsoft Azure Stack, which is designed to provide performance and manageability for Azure Stack deployments. It highlights key aspects of the Cisco and Microsoft partnership such as joint engineering, marketing, sales and support activities. It also summarizes Cisco virtual appliances that are available in the Azure Marketplace and how Cisco UCS solutions can meet the system requirements for optimized Azure Stack implementations.
This document provides an overview and deployment guide for web security using the Cisco IronPort Web Security Appliance (WSA). The WSA is deployed inline to monitor and control outbound web requests, filter content based on reputation databases, and dynamically analyze unknown websites to determine security risks. It helps businesses reduce productivity loss, liability exposure, and malware threats from employee internet use. The guide explains how to integrate the WSA with the Cisco ASA firewall and switch using WCCP redirection in the Cisco Smart Business Architecture reference design for midsize organizations.
The document summarizes Microsoft's experience deploying Windows Server 2003 across its own internal network. It describes the four major phases of deployment: integration planning, testing and piloting, enterprise deployment, and sustainment and management. It also discusses best practices for deployment gleaned from Microsoft's experience, such as testing applications and upgrades in a lab before deploying to production environments.
The document discusses the changing data center landscape and the rise of application-centric infrastructure (ACI) to address these changes. ACI provides a policy-based approach where application requirements are defined through application network profiles that can be applied across physical, virtual, and cloud infrastructure. This decouples applications from network infrastructure and provides visibility, security, mobility and automation through a centralized controller.
New ThousandEyes Product Features and Release HighlightsThousandEyes
The document summarizes new features from ThousandEyes in August 2022. It highlights improvements to workflow automation through automatic session tests, a Terraform provider, and next generation webhooks. Faster insights are provided by new features like Webex Control Hub integration and continuous monitoring. Operational intelligence is strengthened with new WAN insights and a Meraki integration.
Cisco Application Infrastructure Controller (APIC) enables Application Centric Infrastructure (ACI). APIC provides network abstraction and automation for WAN and access domains as part of the Cisco ONE platform, broadening its capabilities beyond the data center. The Cisco ONE Enterprise Networks Architecture uses APIC as its control layer to simplify configuration and provisioning of networks for the application economy through programmability and automation of network configuration.
IaaS Cloud Providers: A comparative analysisGraisy Biswal
The document compares IaaS providers Oracle, AWS, Cisco, and OpenStack on their approaches to common challenges faced in cloud computing. It discusses each provider's strategies for security of data, insufficiency of resources/expertise, complete governance over IT services, cloud cost management, dealing with multi-cloud environments, compliance, cloud migration, unformed technology, and cloud integration. The document aims to help readers understand how different providers address key issues for cloud service delivery.
Enterprise-Grade Trust: Collaboration Without CompromiseRobb Boyd
In today’s agile work environment, customers need to collaborate in real time with partners, vendors, and customers, and they want the best collaboration tools possible. At the same time, they’re cognisant of potential accidental or intentional misuse of data and malicious attacks – and the ramifications they can have for their company’s finances and reputation.
Cisco provides best-in-class collaboration tools with true end-to-end encryption that enable secure cross-company collaboration. Find out more about the six considerations for collaboration security and the new Cisco Webex Extended Security Pack – which provides a full-functionality Cisco Cloudlock cloud access security broker for Webex Teams with native Webex anti-malware capabilities powered by Cisco Talos ClamAV.
Resources:
TechWiseTV: http://cs.co/9009DzrjN
TechWiseTV Workshop - Q&A - Cisco Catalyst 9600: Deep Dive and Design Conside...Robb Boyd
Cisco Catalyst 9600 Series Switches are the next-generation purpose-built 40/100G modular core/aggregation platform, providing resiliency at scale with the industry’s most comprehensive security while allowing the business to grow at a low total operational cost.
The Cisco Catalyst 9606R is a 6-slot 8RU chassis ready to support a wired switching capacity of up to 25.6 Tbps, with up to 6.4 Tbps of bandwidth per slot. Some salient features of the Cisco Catalyst 9606R chassis are:
- Supports a nonblocking 40/100G Quad Small Form-Factor Pluggable (QSFP+, QSFP28) line card
- Supports a line-rate 1/10/25G SFP and Enhanced SFP (SFP, SFP+, SFP28) line card
- Optimized for the enterprise with efficient side-to-side airflow
- Front accessibility for all removable components, such as the supervisor, line cards, power supply, and fan tray
- Dual accessible fan tray for easy removal
- Embedded RFID tag for easy asset tracking
TechWiseTV Workshop: Cisco Catalyst 9600: Deep Dive and Design ConsiderationsRobb Boyd
Cisco Catalyst 9600 Series Switches are the next-generation purpose-built 40/100G modular core/aggregation platform, providing resiliency at scale with the industry’s most comprehensive security while allowing the business to grow at a low total operational cost.
The Cisco Catalyst 9606R is a 6-slot 8RU chassis ready to support a wired switching capacity of up to 25.6 Tbps, with up to 6.4 Tbps of bandwidth per slot. Some salient features of the Cisco Catalyst 9606R chassis are:
- Supports a nonblocking 40/100G Quad Small Form-Factor Pluggable (QSFP+, QSFP28) line card
- Supports a line-rate 1/10/25G SFP and Enhanced SFP (SFP, SFP+, SFP28) line card
- Optimized for the enterprise with efficient side-to-side airflow
- Front accessibility for all removable components, such as the supervisor, line cards, power supply, and fan tray
- Dual accessible fan tray for easy removal
- Embedded RFID tag for easy asset tracking
Resources:
TechWiseTV: http://cs.co/9009DzrjN
With users expecting an immersive experience, and with IoT becoming the new mobile, we are more dependent on Wi-Fi than ever before. The Cisco Catalyst 9100 Access Points, powered by Wi-Fi 6 (802.11ax) technology and supporting Cisco’s intent-based networking architecture, are ready for the growing user expectations, IoT devices, and next-generation cloud-driven applications. Cisco’s first Wi-Fi 6 access point can handle the increased mobile traffic as well as support IoT at scale. It has superior RF innovations and will expand wireless access with intelligence to provide a secure, reliable, high-quality wireless experience for all networks.
TechWiseTV Workshop - Q&A - Application Hosting on the Cisco Catalyst 9000 Sw...Robb Boyd
The document summarizes questions asked during a TechWiseTV workshop on application hosting on the Cisco Catalyst 9000 switching family. It provides answers to two questions: 1) Docker Hub software comes from various submitters so users must evaluate security based on labels and open source reviews. 2) Double app hosting is not supported on the Cisco Catalyst 9200 Series and is only available starting from the Cisco Catalyst 9300 Series.
With users expecting an immersive experience, and with IoT becoming the new mobile, we are more dependent on Wi-Fi than ever before. The Cisco Catalyst 9100 Access Points, powered by Wi-Fi 6 (802.11ax) technology and supporting Cisco’s intent-based networking architecture, are ready for the growing user expectations, IoT devices, and next-generation cloud-driven applications. Cisco’s first Wi-Fi 6 access point can handle the increased mobile traffic as well as support IoT at scale. It has superior RF innovations and will expand wireless access with intelligence to provide a secure, reliable, high-quality wireless experience for all networks.
Resources:
Watch the related TechWiseTV episode: http://cs.co/9006ELWE6
TechWiseTV: http://cs.co/9009DzrjN
TechWiseTV Workshop: Application Hosting on Catalyst 9000 Series SwitchesRobb Boyd
Watch the REPLAY right now: http://bit.ly/2YoLbt3
Enterprise networks are now dealing with massive volumes of data, with a critical need to collect and analyze this data to respond faster and deliver insightful context. Traditional approaches, in which data is processed in remote servers, will no longer work. Data can burden the network unless some context is known. Edge computing can greatly reduce the data sent to the cloud or a remote server. Collecting and analyzing the data at the edge and making decisions locally rather than in centralized servers significantly reduces the latency and bandwidth of the network.
Powered by an x86 CPU, the application hosting solution on the Cisco Catalyst 9000 switching family provides the intelligence required at the edge. Native Docker engine support on the switches will enable users to build and bring their own applications without additional packaging. Cisco DNA Center will provide consistent workflows to manage the entire application lifecycle across multiple Cisco Catalyst 9000 switches through the App Hosting dashboard.
Resources:
Watch the related TechWiseTV episode: http://cs.co/9001EIbih
TechWiseTV: http://cs.co/9009DzrjN
The document is a Q&A session on Cisco's SD-WAN security capabilities. Questions covered include how SD-WAN handles network access control, quality of service, central management software, integration with other Cisco products, differences compared to dedicated firewalls, hardware options for different site sizes, scalability, routing protocols supported, intrusion protection, and centralized management of security policies.
Technical Overview of Cisco Catalyst 9200 Series SwitchesRobb Boyd
TechWiseTV's Cisco Container Platform live workshop took place on July 18th.
For the first time in the industry, a single family of fixed, stackable, and modular switches are running on the same IOS-XE operating system along with a common ASIC.
Cisco’s Catalyst 9200 rounds out the lower end of its incredible Catalyst 9000 family of switches. The 9200 is designed for small, medium, and branch deployments, providing greater modularity, redundancy, and stackability than the Catalyst 2960 it replaces.
Register now.
The document discusses Cisco's Container Platform and provides the following key points:
1. Cisco's Container Platform provides a turnkey solution for production-grade Kubernetes container environments that is easy to acquire, deploy and manage on hybrid cloud infrastructures.
2. It features native Kubernetes integration that is 100% upstream compatible, integrated networking, management and security capabilities, and support for AI/ML workloads.
3. The platform architecture includes hardware from Cisco (UCS servers, Nexus switches), virtualization software (VMware, HyperFlex), and container-specific software like Kubernetes, Istio and Prometheus for orchestration, networking and monitoring of container workloads.
TechWiseTV Workshop: Improving Performance and Agility with Cisco HyperFlexRobb Boyd
Find out how organizations like yours are deriving business value from the HyperFlex HCI solution. Join us for a deep dive and Q&A at the TechWiseTV workshop.
TechWiseTV Hyperflex 4.0 Episode: http://cs.co/9009EW2Td
Today’s multicloud WAN environment is not only complicated–it can expose your business to an ever–expanding threat landscape. Learn how to provide consistent security across clouds, branches, and users. http://bit.ly/2DWBBX8
TechWiseTV Workshop: Cisco Catalyst 9800 Series Wireless ControllerRobb Boyd
This document discusses Cisco's Catalyst 9800 Wireless Controller. It introduces the Catalyst 9800 series, which includes the C9800-40 and C9800-80 appliances. The C9800-80 can support up to 6,000 access points and 64,000 clients, while the C9800-40 can support up to 2,000 access points and 32,000 clients. The document also discusses the Cisco Catalyst 9800 Wireless Controller for Cloud and for Switch, which embed the wireless capabilities on switches. It highlights features like seamless software updates, high availability, and support for technologies like SD-Access, ETA, and wireless assurance.
Protect Kubernetes Environments with Cisco Stealthwatch CloudRobb Boyd
Jeff Moncrief discusses how Stealthwatch Cloud provides visibility, threat identification, and network compliance for Kubernetes environments. Stealthwatch is deployed as a POD application on each node to create network telemetry of all POD to POD traffic and report it to Stealthwatch Cloud, giving complete visibility into traffic in the Kubernetes cluster. The solution deploys as a Pod and integrates with the node-level network layer to provide visibility, baselining, and anomaly detection into container and pod communications.
Incredible Compute Density: Cisco DNA Center Platform: Digging Deeper with APIsRobb Boyd
Learn more on getting hands-on with Cisco DNA Center Platform APIs. Join us as we go over the brand new DNA Center Platform and show you how to start integrating and developing your own applications on DNA Center. The possibilities are endless!
Watch the replay: http://cs.co/9000DCie4
In today’s digital economy, getting ahead means crunching a lot of data. That’s why businesses of all sizes and industries are investing in high-performance computing. However, the last thing IT needs is another tech silo to manage.
Fortunately, the new Cisco UCS C4200 Series chassis and C125 M5 server node help you scale out compute-intensive workloads with ease—with the network fabric you already have. This TechWiseTV Workshop will get you up to speed fast.
Resources:
Watch the related TechWiseTV episode: http://cs.co/9006DAVPC
TechWiseTV: http://cs.co/9009DzrjN
Watch the replay: http://cs.co/9000DCie4
In today’s digital economy, getting ahead means crunching a lot of data. That’s why businesses of all sizes and industries are investing in high-performance computing. However, the last thing IT needs is another tech silo to manage.
Fortunately, the new Cisco UCS C4200 Series chassis and C125 M5 server node help you scale out compute-intensive workloads with ease—with the network fabric you already have. This TechWiseTV Workshop will get you up to speed fast.
Resources:
Watch the related TechWiseTV episode: http://cs.co/9006DAVPC
TechWiseTV: http://cs.co/9009DzrjN
This document discusses Cisco's new Flexible Consumption Model (FCM) for software licensing. FCM aims to provide more flexibility and lower costs by allowing customers to pay for software licenses as needed rather than requiring large upfront investments. Key aspects of FCM include pay-as-you-grow licensing, global pooling of licenses, and investment protection through software portability. FCM is supported on Cisco's core routing platforms like the ASR 9000 and will provide benefits like reduced total cost of ownership through more efficient license usage and alignment of network growth with demand.
TechWiseTV Workshop: Q&A Cisco Hybrid Cloud Platform for Google CloudRobb Boyd
Cisco and Google Cloud experts join TechWiseTV to demonstrate how you can use the Cisco Hybrid Cloud Platform for Google Cloud as a DevOps platform that works consistently across data center and public cloud environments. You’ll learn how to take advantage of containers, microservices, public cloud toolsets, and other modern cloud development innovations while having the flexibility to deploy your applications wherever they run best.
With integrated connectivity, security, management, and control, your applications will operate consistently from prem to cloud and back again.
Resources:
Watch the replay: http://cs.co/9007DawLd
TechWiseTV: http://cs.co/9009DzrjN
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframePrecisely
Inconsistent user experience and siloed data, high costs, and changing customer expectations – Citizens Bank was experiencing these challenges while it was attempting to deliver a superior digital banking experience for its clients. Its core banking applications run on the mainframe and Citizens was using legacy utilities to get the critical mainframe data to feed customer-facing channels, like call centers, web, and mobile. Ultimately, this led to higher operating costs (MIPS), delayed response times, and longer time to market.
Ever-changing customer expectations demand more modern digital experiences, and the bank needed to find a solution that could provide real-time data to its customer channels with low latency and operating costs. Join this session to learn how Citizens is leveraging Precisely to replicate mainframe data to its customer channels and deliver on their “modern digital bank” experiences.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Digital Marketing Trends in 2024 | Guide for Staying AheadWask
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
Trusted Execution Environment for Decentralized Process MiningLucaBarbaro3
Presentation of the paper "Trusted Execution Environment for Decentralized Process Mining" given during the CAiSE 2024 Conference in Cyprus on June 7, 2024.
A Comprehensive Guide to DeFi Development Services in 2024Intelisync
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
This cover slide should be updated with current information and left on screen as people log in.
- Replace ‘Topic’, ‘Guest Speaker’ , ‘Date’
Gain awareness of everything hitting your network
Get more context about your network users than just an IP address: Who is accessing your network, what they are using it for, where users are, how users gain access
ISE provides a more comprehensive set of probes to get contextual awareness needed to profile correctly, giving visibility to user name, time of access, location, device type and access type
ISE can be utilized as the single source to segment and enforce policy across your entire network because it can both share and receive context information from various platforms
Use context to guide access policy decisions. Differentiate which end users can access what, and use information on the device they login with to determine if they can access sensitive material
Provide more context than just an IP address to your network solutions. With over half of employees working outside the office and 75% of employees using multiple devices, ISE’s unsurpassed analytics that drive enhanced device authentication is essential
Know what devices are connecting to your network
Gain granular visibility into what your end users are connecting to your network. See device details such as whether they are corporate or non-corporate assets, mobile or desktop, Android or iOS device, and more
Provide access consistently and efficiently
Deliver appropriate access based upon device, role, location, and other attributes
Use a wide range of access control lists (ACLs) to determine what your various network users can access
Roll out highly secure network access without manually configuring endpoints for authentication and authorization
Utilize pre-configured profile templates and multiple-level guest access to get up-and-running quickly
ISE uses standard RADIUS and TACACS+ protocols for authentication, authorization, and accounting (AAA)
Enforce wired, wireless, and remote policies from a single platform
ISE provides end users with consistent access no matter how they are connected to your network. Policies are seamlessly cascaded across all types of access points
Use dynamic visual tools that offer real-time previews of the portal screens that end users experience
Relieve the stress of complex access management
Manage ISE service on non-Cisco solutions through one central location
ISE provides 802.1x authentication support for Cisco and 3rd Party networking devices
ISE enables advanced use cases for Cisco and 3rd Party networking devices
Maintain up-to-date policies and compliance on all devices with TrustSec
Use access control lists (ACLs) to deliver policy updates to entire segments of users, eliminating manual processes
As a software-defined security controller, ISE provides greater flexibility in policy enforcement and policy-creation from a centralized location
The unified secure access control alleviates tedious access management, enabling compliant devices to access the network regardless of connection type
Enable your end users to onboard their own devices
Alleviate the device-onboarding burden from your IT staff with self-service onboarding. End users are able to register and provision new devices according to the business policies defined by the IT administrators
With ISE 2.1 we are introducing a feature called Easy Connect, which offers a quick, easy, and flexible method for user authentication that applies when endpoints don’t support 802.1x. We understand that 802.1x can be hard to deploy, and requires touching each endpoint. And we understand that users often complain about additional app authentications. We listened to the need for an option that doesn’t require 802.1x roll out and that doesn’t require touching each endpoint. Easy Connect addresses all of those concerns.
Unlike competitors who use a MAC address to give devices network access, Easy Connect permits access to the network with user information behind it. Easy Connect finds devices based on the user, and gives differentiated access with no 802.1x involved. The moment a user authenticates with Easy Connect, ISE maps the user’s identity and pushes a tag to the endpoint to enable policy enforcement, even if the network isn’t configured with TrustSec. ISE can be an SXP speaker that directly points back from the endpoint, enabling tags to be passed along for enforcement so that TrustSec can work with a broad set of devices (e.g. third-party devices like a non-supported access switch). ISE also publishes information using pxGrid.
ISE 2.1 delivers integration of TrustSec and ACI security policy groups, enabling consistent enterprise-wide policies that leveraging user roles and device type together with application context. The complementary group-based policy approaches of TrustSec and ACI vastly simplify security design, operations and compliance. Policy challenges such as compliance and breach prevention are not simply constrained to the datacenter or campus – these are end-to-end challenges. With this new integration, we’re helping customers address these challenges more cohesively and we’re making it easier to do so.
With the integration, TrustSec Security Groups can be used in ACI contracts. External endpoint groups (EPGs) are automatically created in APIC by ISE, and group information is automatically updated by ISE. Similarly, ACI EPGs can be used in enterprise network security policies. Security Group Tags created by ISE automatically describe the assets in ACI, and intelligent application classifications from ACI can be used in TrustSec policies. This avoids moves/adds/changes in the Enterprise security policies.
This integration streamlines many enterprise security objectives. For instance, if a retail bank needs segmentation in the datacenter and at branches to separate PCI-compliant infrastructure, and also wants to provide access to a user group such as auditors, TrustSec-ACI integration enables the bank to do this by using a single set of enterprise-wide groups. The ACI groups take care of the datacenter piece, while the TrustSec groups address the user piece and the bank can rest assured that there is total consistency.
In addition to the campus and branch scenario, TrustSec group-based policies can work together across datacenters, and a TrustSec-enabled datacenter can link to an ACI datacenter.
ISE 2.1 offers greater flexibility in terms of how customers can implement security policy changes when using TrustSec. Specifically, ISE 2.1 introduces new change management capabilities that enable you to stage TrustSec policy changes using a Staging Matrix so that impact can be verified before deployment. You make changes in the staging matrix, test them, edit them and can invoke an approval workflow so that only approved changes can get deployed. Another important new capability is that you can now choose to deploy changes to selected devices. This is useful if you want to make policy changes, but you want to enable them in different locations or datacenters in a controlled way, and don’t want a set of policies activated everywhere at once.
If you are considering TrustSec, these new capabilities mean you can roll out TrustSec across your current IT environment in a methodical, staged way – no need for a “big-bang” roll out approach.
With ISE 2.1, we expanding ISE device administration capabilities to include not only TACACS+ support, but also additional network access device administration functionality.
Before, we controlled user access to the network, meaning ISE could check for guest and employee rights to make sure they were granted the right access. Device administration and TACACS+ is relevant for device administrators themselves, so that you can make sure that network administrators only have access to the network devices, and the security team only has access to the security devices, like firewalls. With ISE, you can enable role-based access control for administrative access, so that administrators have the right access—and the only the right access—to do their job. Plus, ISE offers a device administration workspace, which is a clean, modular, isolated space that doesn’t tie to the other areas of ISE. This provides a contained workspace so that an administrator with a specific role (network administrator, for example) can do authentication, authorization and accounting from a single location, helping them work more efficiently and effectively.
The migration from Cisco Secure ACS to Cisco ISE 2.1 has been made as simple as possible with a built-in tool that automatically migrates ACS configuration data to ISE. However, it will not migrate monitoring and troubleshooting data.
Additional note on RADIUS & TACACS+
ISE has used RADIUS for AAA administration in the past, but with ISE 2.0, we added TACACS+. TACACS+ supports a lot of the same use cases as RADIUS, but TACACS+ is a protocol that wasn’t available at all on ISE, until the ISE 2.0 release. With ISE, you now have RADIUS and TACACS+ in the same interface.
Migration benefits include:
Eliminate complexity and management time with unified policy management
Build richer contextual policies
Discover, identify, and monitor all IP-enabled endpoints
Enforce dynamic access control
Improve your Cisco security and network solutions
Share contextual data on devices and users across platforms with pxGrid
Cisco pxGrid context sharing enables ISE and other platforms to gather more information such as user name, time of access, location of access, device type and type of access and share it with other platforms in your network
ISE collects data from other Cisco network devices in order to update and enhance policy
Strengthen security across your Cisco solutions with shared Security Group Tags (SGTs) from TrustSec
ISE provides better user visibility into context details for many other Cisco security solutions through pxGrid technology. Link WSA, StealthWatch, AnyConnect, or the FireSIGHT Console with ISE to better protect you before, during and after an attack.
Differentiate access automatically based on ISE identity data using TrustSec. Policies created in ISE integrate seamlessly with Cisco networking infrastructure such as routers and switches to automatically segment access
ISE adds to mobile device management (MDM) functionality by providing greater insight into the posture of mobile devices and enforcing appropriate network access policies
Strengthen your non-Cisco security solutions
Standardize policy enforcement on partner platforms via pxGrid
ISE shares user and device details with partner platforms to make them user, device, and network aware and enables enhanced and consistent policy enforcement
ISE collects large amounts of contextual information from a wide variety of partner sources that permit ISE to prevent inappropriate access and detect and minimize the spread of network threats
Help customer IT environments integrate into Cisco networks, decreasing time, effort and cost to responding to security and network events
Enhance 3rd party network devices with ISE capabilities
ISE shares details with, and collects information from non-Cisco devices in order to inform user and device policy and share across your network
ISE provides 802.1x authentication support for 3rd Party networking devices.
ISE enables advanced use cases for 3rd Party networking devices
ISE delivers comprehensive authentication and authorization against multi-forest Microsoft Active Directory domains
Make better decisions with user and device insights
Allocate network resources more effectively with user and device data
Gain user details beyond IP such as user name, login time, location, and access type to analyze network usage. Track users’ network activities, including where they have been, and bandwidth usage to ensure resources are allocated securely and effectively
ISE 2.0 offers enhanced reporting with improved filtering for live log and reports that inform business decisions
Analyze and present context data to justify network upgrade spends
Inform access management with user and device behavioral trends
Utilize network usage reports to refine access policies based on a variety of trends, including device traits, access locations, and more. For example, a hospital can restrict access to patient files to doctors and nurses to only when they are in patient rooms, their office, or the laboratories. A network administrator can also restrict access from iPads with a specific software update that poses a threat to the network
ISE 2.1 now supports dashboard customizations based on user preferences. Users can customize their main screen to reflect the metrics and reports that they care about most by leveraging drag & drop “dashlets” (dashboard components) or selecting from pre-made layout templates. Customizable tabs, dashlet placement and order ensure that everything the user needs is just a click or two away. And users can export reports to Excel and PDF.
ISE 2.1 also adds task-oriented Work Centers for BYOD, posture, and profiling, in addition to existing Work Centers for TrustSec, device administration, guest and network access. Work Centers ease day-to-day configuration and management burdens, centralizing work associated with a given task to a single pane. Easily flip back and forth between tasks without having to jump around to disjointed data sources.
ISE 2.1 comes with several enhancements to the Streamlined Visibility Wizard, delivering a new level of visibility by making data more consumable. It includes a redesigned graphic user interface (GUI) that enables you to get set up and gain insights faster and more easily than ever before. First, the wizard itself – it’s now as simple as plugging in a toaster, making deployment much more convenient – you can deploy in as little as 10 mins. You can set up, go to lunch, and in a few hours the wizard pulls the information it needs from your network – you can start seeing value right away.
Second, you get to the data you’re looking for more quickly and easily. The reporting you receive is now more easily and quickly consumable thanks to the UI improvements. This means you can get a lot of the information about what’s on your network right from day 1. This is especially important as we move into the world of IoT, with more and more devices accessing the network.
In addition to the rich data and greater convenience of the Streamlined Visibility Wizard, ISE 2.1 also comes with enhancements to Context Visibility. With ISE 2.1, you gain the ability to aggregate, store and search high volumes of endpoint data, giving you greater visibility. ISE 2.1 collects data from multiple sources into one place, and its enhanced database stores more historical data than ever.
With ISE 2.0, you could log 250K endpoints – with ISE 2.1, you can now store data on 1.5M endpoints across 50 attributes, meaning you get a much deeper level of insight and can use ISE data in more scenarios. Instead of being limited to information on endpoints currently on the network , you can perform forensic analysis and get information on an endpoint that was on the network in a previous week.
Another benefit is that all of this information is in one place – the database pulls in data from logs, sys logs, reports – data that was scattered in many different places. Now, it’s all aggregated, and gives you a much deeper historical view. The UI a lot simpler and easier to use, so you can hone in on the information you need much more easily.
With pxGrid, Cisco is committed to an open, platform-based framework that allows us to improve the efficacy of Cisco's industry-leading offerings, such as the combined solution of Rapid Threat Containment with Firepower and ISE. The pxGrid framework also enables Cisco to integrate with ecosystem partners, enabling customers to use integrated, cross-vendor solutions that best fit their existing infrastructure.
Threat-Centric NAC:
New partner: Qualys - Qualys provides CVSS vulnerability scores, supplementing threat information from AMP and contextual awareness from ISE.
Cloud Access Security Broker:
New partner: NetScope
User Behavior Analytics:
New partner: Niara
Rapid Threat Containment: Utilizing integration via pxGrid Adaptive Network Control, Cisco ISE enables security ecosystem partners from a broad variety of technology areas to take network mitigation and investigation actions in response to security events.
New partners: RedShift Networks, TrapX, Attivo, Intelliment, ThreatTrack, and LemonFish
Existing ecosystem partner – expanding integration to new use case: FortScale
Identity Access Management:
New partner: Situational
Network Visibility:
New partner: Lumeta
Mobile Device Management:
New partner: Microsoft
One big challenge enterprises face is that it can be really difficult to obtain important data related to the devices and users accessing your network. Even when you know the contextual data you’re looking for is out there somewhere, but it is often opaque or hidden from view. And then, to complicate things even further, even when the location of critical data is clear, it is often only available within a limited silo of your network. For example, you might have access to a device name through the device manager, but the user name you’re looking for exists within the identity store, and meanwhile all of your application information would be somewhere else. Getting comprehensive visibility across all of your users, devices, locations, destinations and applications, especially when that data is in separate silos, is not easy. For that reason, it often requires multiple solutions to get a truly holistic view.
With the AnyConnect Network Visibility Module introduced in ISE 2.0, AnyConnect enhances the forensic capabilities available to you by effectively using the network as a sensor and extending the sensor capability all the way to the endpoint. It provides deeper visibility into the intelligence you need across endpoints, users, and applications, and makes it available in a single location. AnyConnect consolidates all netflow traffic being generated from an endpoint, enabling that data to be sifted through by collectors (such as Splunk) to identify anomalous behavior and trends that could indicate a compromised endpoint or that a user is using a device inappropriately.
You can exclude select context variables to meet privacy requirements.
With the increased ability to collect contextual information across the network, you gain auditing intelligence that enables greater insight and more informed action. Network admins can look at user and application behavior to make informed improvements in network design, overall capacity, etc. Security admins can look for behavior anomalies that could help them prevent the extraction of sensitive data. Desktop admins can leverage forensic analysis to aid their ability to minimize the spread of network threats across the rest of the network.
With a more holistic view of your network, your teams can collaborate to improve network operations and more effectively defend across wired, wireless, and VPN networks.
Another important capability is that AnyConnect NVM is “always-on”. If a user with AnyConnect on their endpoint isn’t on VPN, AnyConnect simple stores the information until AnyConnect VPN is re-enabled and sends the information to the NVM for analysis. This reduces blindspots.
We introduced AnyConnect NVM in a previous release. Our latest release includes refinements to the AnyConnect NVM capability – it’s now more flexible in terms of deployment and other capabilities. For example, NVM now offers a flexible collection policy – you can choose to collect data on only the attributes you care about, instead of collecting data on a fixed set of attributes. As another example, NVM now enables cached data throttling – you can choose how much data AnyConnect NVM will collect once a user who’s not connected via VPN gets back on the VPN.
Ease security policy setting
Set initial access policies quickly
ISE ships with predefined device profile templates for a variety of devices, but also allows administrators to create their own device templates based upon business needs
Create custom guest experiences with advertisements and corporate branding from one convenient place for free
ISE Deployment Assistant (IDA) reduces the time to design and deploy ISE with network assessment capabilities, network device configuration, and the ability to troubleshoot failed authentications
Update, maintain, and create new policies with ease
Create organization-specific policies with ease. For example: If there is a security threat on the most recent software update of an Android device, create a policy to block Android access and protect your network in minutes
Ensure all endpoints conform to the organization’s posture policies with a client-based agent, a temporary web agent, or a query to an external MDM/EMM system
Remove the hassle of certificate management by easily deploying an internal certificate authority that simplifies certificate management, and automatically revokes certificates of stolen devices
Limit unnecessary network exposure
Reduce the risk of threats spreading with simple segmentation through TrustSec
Since ISE is a software-defined security controller, it can enable networks to mitigate risks automatically
TrustSec provides a simple, scalable way to implement segmentation across the network
Use access control lists (ACLs), pre-configured profile templates, and multiple-level guest access to provide access on a strategic need-to-know basis, protecting critical segments of your network
Apply uniform policy across network solutions
Utilize your unified network as an enforcer to implement policy centrally and cascade it across your entire network
Ensure consistent security across your entire network by sharing user and device profiles from ISE with other network solutions
Prevent threats from compromising your network in real time
Contain threats with automated user and device quarantining
ISE integrates with Cisco FireSIGHT Management Center (FMC) to deliver Rapid Threat Containment. ISE automatically changes the Security Group Tag to suspicious, triggering policy enforcement which contains the device for remediation
Remove compromised users and devices
Instantly remove an endpoint’s access to the network based on preset standard or custom policies
Monitor and change the authorization of an endpoint without having to modify an overall system policy
With Threat-Centric NAC, we’re adding new vectors that enable better classification. That means you’re now able to go a step beyond contextual details on who, what, when, where and how – with ISE 2.1, you’re stopping threats by directly identifying them with vulnerability data from Qualys and threat intelligence from AMP informed by Talos, Cisco’s security intelligence arm. It starts with visibility – you’re able to see Qualys vulnerability scores and AMP threat intelligence data along with other contextual information. This information allows you to adjust policies in response.
You can also enable intelligent, automated policy updates (change of authorizations) based on Qualys vulnerability data, ensuring that your policies are always up to date based on the latest vulnerability levels. Qualys uses standard CVSS scores to assign a 1-10 score to each vulnerability, helping you investigate the most important items. Similarly, information from AMP is grouped by threat assessment – e.g. distracting, painful, etc.
ISE 2.1 now integrates with Cisco Firepower Management Center 6.1 to deliver better rapid threat containment, which basically enables the network itself to inspect and act as an enforcer of user access. By working with the pxGrid framework, FMC is able to download additional user data, device type data, device location data and SGTs from ISE. Besides the added visibility that ISE provides, this data is also actionable intelligence because it extends network control by enabling policy creation based on SGTs, device type, or other contextual data. The integration of FMC 6.1 and ISE 2.1 means you get to leverage the latest enhancements in both solutions.
In the use case included here, Firepower Management Center is able to scan the activity of authorized users across all approved devices that are connected to the corporate network. Whenever suspicious activity, malware, or any other potential threats are detected, FMC alerts ISE using pxGrid, and the Security Group Tag is automatically changed to “suspicious”. Based on that new SGT, network enforcers informed by pxGrid automatically enforce policy on the network. According to policy, the device is contained for remediation or mitigation. You can set things up so the user receives a notification informing them that they have been blocked from the network due to infection. You can also automatically redirect infected users to a remediation portal where the threat is addressed and the user is seamlessly let back onto the network.
Through the automated inspection and enforcement of network access policy, FMC and ISE together provide greater network security through early threat detection and rapid threat containment.
Finally, customers have the ability to leverage Cisco’s growing partner ecosystem to implement the rapid threat containment solution that is best for their current infrastructure and business needs. Cisco has a rapidly growing ecosystem of partners that leverage ISE and pxGrid to deliver rapid threat security. We’ll talk in a moment about our growing partner ecosystem