Post on 29-Jul-2018
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 1
Cisco IT E-Learning CDO-IT Collaboration Track Technologies - Part 2 (Security, Network Systems, Data Center)
Produced by the Cisco on Cisco team within Cisco IT
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 2
Cisco IT E-Learning CDO-IT Collaboration Track Security
Jeff BollingerIT Engineering, CSIRTJames KasperSoftware Engineer, IPS Engineering
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 3
Cisco NDIS Team and IDS Deployment
120 IDS sensors deployed globally
Work with IDS engineering and signature teams
Provide direct access to some sensors so engineering teams are able to perform real-time troubleshooting
Provide them with a rich, diverse traffic environment for testing new code releases, engines, and different changes and tweaks to code
Problems need to be addressed quickly through direct engagement with IT and engineering groups
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 4
Benefits of Partnership
Advantageous two-way relationship
Sharing different customizations with the engineering team helps to provide visibility into what higher end customers are doing
Most importantly, the partnership enables real-time debugging versus having to go through customers or proxies
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 5
Problems and Challenges
Performance issues, such as:
– Oversubscription
– Too much sensor
Engineering teams are able to isolate the issue
Helps in developing deployment strategy
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 6
Using IDS in Cisco
There is a heavily customized load on IDS sensorsMany custom signatures used to detect special casesLeverage several new features in the product to see if a use case can be made Signature fidelity
– Needs to be tested in live environments as well as a lab because the result is always different
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 7
Selling the StoryMeeting with customers in EBCs– Describe how Cisco IDS
and IDS signatures are used
– Show how the product has improved dramatically over the eight years it has been used
– Share it as “our number one tool”
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 8
Selling the StoryBeneficial to let customers see that Cisco is using it – In a real production
environment
– On an enterprise network
– And are able to keep up with the level of threats encountered
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 9
Running IDS on a Real Network
Enables the team to see many things that wouldn’t be seen in a lab
Cisco has a relatively open network, which allows a view of a broad basis of traffic as well as all types of platforms
IDS is not just placed at perimeters; it is also placed at internal checkpoints (data center gateways) to protect the most critical assets, which are the data centers
Data center traffic constitutes a huge mix with different protocols and thus demands a large percentage of uptime
Reliable security in place is important
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 10
Constantly looking for new ways to detect malware and having direct access to the engineering and signature development teams is a huge win for both IT and engineering
It’s a win for IT because issues are discovered
It’s a win for engineering because a better product is made
It’s a win for Cisco because it proves to customers that this is the best-of-breed IDS technology; customers get a better product with better fidelity
Triple Win
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 11
Cisco IT E-Learning CDO-IT Collaboration Track Network Systems
<ADD APPROPRIATE
IMAGE>
John MoeNetworking Engineer, Emerging TechnologiesBrian ArmerEngineering Release Manager, Release Engineering
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 12
Information technology
Network and data center services
Design engineering
Technology roadmaps
Routing and switching roadmap
1
2
3
4
5
IT Overview
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 13
Collaboration and Feedback
Transition from OSM to SPA interfaces
New network requirements (due to TelePresence)
12.2(18) SXF split to SX and SR to accelerate features
Next-generation hardware
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 14
CDO-IT Overview
Software group– Manage the major IOS classic
release trains
Cisco IT are an integral part of release lifecycle
– Run large-scale alpha networks and provide feedback
– This feedback ultimately helps make the IOS releases much better and higher quality
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 15
CDO and Cisco IT
Monthly meetings– BU provide roadmap to Cisco IT
– Cisco IT provide feedback to BU
Alpha network partnership– Make IOS releases much better products
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 16
Cisco IT E-Learning CDO-IT Collaboration Track Data Center
Sidney MorganIT Manager, Cisco on CiscoBill ErdmanMarketing Director, SVBU U.S. Marketing
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 17
VFrame Data Center
Cisco IT needed help with how it deployed servers
The model used was job shop-oriented, inefficient, not cost effective, and had a negative impact on business agility
IT challenged CDO to look at the data center from a systems provisioning perspective
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 18
VFrame Data Center
Cisco IT traditionally used its own custom tools for provisioning and management
VFrame DC was an opportunity to build something for Cisco IT according to its requirements and then sell the product to the broader market
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 19
CDO and IT Relationship
Non-threatening
Cisco IT could specify features it was seeking for the product and share the limitations that it had already seen
This open dialogue inspired Cisco IT to be able to ask about such things without the associated revenue issues
Formed the basis of a good working relationship and a strongly defined provisioning platform needed by Cisco IT
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 20
Benefits of CDO-IT Collaboration
VFrame DC is delivering on what both CDO and IT set out to accomplish
It helps to rationalize new technologies– e.g., VMware, virtualized servers and some virtualized storage
CDO and IT collaboration – Helped to build a product now being sold in the open marketplace
– Has helped make Cisco more strategic with customers
– Has enabled Cisco to approach the data center as a system vendor with a true system offering at the provisioning layer
Cisco IT likes to work with all business units to help ensure that products have an enterprise, solutions focus.
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 21
CDO Process in Working with IT
1. Defined requirements with Cisco IT2. Defined development milestones and synchronized
them with Cisco IT development goals3. After reaching alpha and beta version levels in CDO
labs, the product was put into Cisco IT labs4. Through feedback from Cisco IT on additional
features required and bugs, the product was hardened in terms of:– How Cisco IT was going to use it– How CDO tests scripts– How it was going to be tested by
Cisco IT
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 22
CDO-IT Collaboration: Effect on the Lifecycle
The CDO-IT collaboration produced true innovationCDO would not have thought as broadly about the product without the IT collaboration The broad scope given by Cisco IT added a year to the product development cycleThe result has been an end-to-end provisioning platform that is extremely strategic for Cisco IT and the data center, as well as significant to the marketplace
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 23
Resources
E-Learning transcript, presentation, and video available for download
Links to the Cisco on Cisco website, best practices, case studies, newsletters and more
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 24
To learn more about Cisco IT real-world deployments, visit
www.cisco.com/go/ciscoit
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 25