apis & software programmability...•cloudcenter suite •prime service catalog •webex teams...

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

www.inictel-uni.edu.pe

Miguel Garro CISM, CEH

Cybersecurity TSA

Perú, Ecuador, Bolivia

Programabilidad enfocada en ciberseguridad como futuro inmediato


Unprecedented demands on the network

Digital disruption Complexity Security

Security

63 million new devices

online every second

by 20201

3x more spending on

network operations

than on the network2

6 months to

detect breach3

Lack of business and IT insights Slow and error-prone operations Unconstrained attack surface

1 Gartner report - Gartner’s 2017 Strategic Roadmap for Networking 2 McKinsey study of network operations for Cisco – 2016 3 Ponemon Research Institute Study on Malware Detection, March 2016

http://www.gartner.com/reprints/cisco-v6-us1?id=1-3YQCDRO&ct=170425&st=sb

http://www.ponemon.org/blog/new-ponemon-study-on-malware-detection-prevention-released

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Trends

Apps & Devices

Reduce OpEx

Data-Driven Insights

Time-to-Value


“We have to have the network do more than it has ever done before, and we have to move faster than we ever have before.” -Chuck Robbins


IT Operations Today


…we simply can’t have the Humans be the doers of the work; we need them to be the designers of the work.


for switch in my_network:

for interface in switch:

if interface.is_down() and interface.last_change() > thirty_days:

interface.shutdown()

interface.set_description("Interface disabled per Policy")

Codify: The Value of Software Programmability

Coding is the process of writing down instructions, in a language a computer can understand, the steps needed to complete a specific task.

Q: What task? A: Your task.


API & Language Maturity

RESTful Software APIs

Expressive Modern Languages

Online Communities

Open Source

Social Code Sharing (GitHub)

Public Package Repositories

What changed?

You can get powerful things done with relatively small amounts of code!

…and even more with incremental investment!


Application Programming Interface (API)

“It’s a way for two pieces of software to talk to each other”


Simple Software Interfaces: The Value of APIs

request

response OK!

>>> do(this)

Done. Action was successful.

>>> configure(feature)

Complete: {“config”: …}

>>> get(data)

Here you go: {“device”: …}

Machine-to-Machine Interfaces

Make Specific Requests of your

App or Infrastructure Do this…

Configure Feature X

Get Data Y

Get easily interpreted responses


• Tools | CLI Scripts, Brower-based Apps, Native Apps Automate Tasks, Execute Repetitious Work, Provide Human Interfaces to Data

• Services | APIs, Web Services, Backend-Automations, Data

Repositories Provide Remote Access to Automations, Access to Data, Automate Event Handling, Create New Technical Capabilities

• Abstractions | Business Capabilities Combine Smaller Processes to Create Larger Business Capabilities

What can you create?


Creating & Using Automation | Vendor Supplied


Creating & Using Automation | Admin Tools

Purpose-Driven Single-Task Automation

Bulk Tasks

Configuring Devices

Retrieving Information

Routine Maintenance


Creating & Using Automation | Services

Connect Events to Actions

Automate or Augment a Process

Incorporate Cisco and 3rd Party Tech

Create New Features


Creating & Using Automation | Abstractions (Business Capabilities)

Combine Services to Create Meaningful Abstractions

Create New IT or Line-of-Business Capabilities:

Open a new Store

Deploy a new App


Building Organizational Proficiency in Automation

Start Small Automate a Routine Task.

Improve Reliability and Features.

Share Share with peers.

Expose Enable others to use the

Automation.

Codify Departments codify their

processes.

Expose Departments expose Internal

Services.

Integrate Interdepartmental work is

transacted via Service

Interfaces.

Differentiate Create new value chains:

Interconnecting Services

and Extracting Insights from

Data


with Automation

Customer’s

Business

Processes


CIOs Separate Modalities, Create Value by Embedding IT in both Business Operations and Business Transformation

Lines-of-Business Resources Producers and Consumers of Data, Partners in Creating Differentiated Value

IT Management Producers and Curators of Exposed Digital Services and Data, Talent Managers

Senior Technical Leaders Infrastructure Architects, Creators of Automations, Services, and Digital Capabilities

Junior Technical Staff Hardware and Cabling Installation and Maintenance, User of Tools and Software Automations

Roles | Evolution & Reinvention


Underpinning Bimodal IT

Mode

1 2 Mode

Simplify App & Device Deployment

Shorten Time-to-Detect & Respond

Automate Repetitious Tasks & Expose Services

Create Competitive Differentiated Value

Create Recombinant Capabilities

Extract Insights from Data

DNA Center, Zero-Touch Provisioning, SDA,

Cisco Container Platform (CCP), AppDynamics

DNA Analytics and Assurance, Stealthwatch,

Encrypted Traffic Analytics

DevNet, DNA Center as a Platform, CCP, YANG Models, Ansible, … DNA Analytics,

AppDynamics, IoE Edge

Computing, Data APIs

Support Modern Micro-Services

App Architectures: ACI, CCP, &

IOX

Applying Cisco Design Thinking with

Composable & Software Programmable

Solutions to Create New Business

Capabilities


Executing on Market Needs

Mode

1 2 Mode

Apps & Devices

Reduce OpEx

Data-Driven Insights

Time-to-Value


Simplification | “Effect the same result with less effort.”

Automation

Human Intent

Push x policies

with y inputs to

z devices.

When x happens,

do y.

Deploy a new site

to support x

users called y.

Programmatic Action

Carried out via APIs


Programmable Solutions


Q: What can you do with our APIs? A: What our products can do!

Create policies

Add devices

Get security activity data

Investigate a domain

Configure a block list

…

Provision a user

Create a space

Add/remove people

Post a message/file

Respond to messages

…

Configure an interface

Enable/configure routing

Get device inventory

Get routing table

Configure access list

…

Create a service profile

Create/manage policies

Get inventory

Update firmware

Remove service profile

…


…only now…

In bulk

In response to events

As part of an automated process


This is what a programmable solution looks like:

Our products (and third-party products)

Exposing APIs

Interconnected by Code


Container

User’s Device Administrator’s

Workstation

Server Cisco Networking

Device

Private Cloud Public Cloud

- Native Apps

- Web Apps

- Admin Scripts

- Tools

- Automated Processes

- Web Services

- System Integrations

- Edge Apps

- Local Automations

- Automated Processes

- Web Services

- System Integrations

- Cloud Native Apps

Where does that code run?


Automate Processes

Create / Extend Product Features

Integrate Products

Create New Services / Capabilities


When we sell programmable solutions, we sell what is on the truck.

Tailored to our customer’s IT and business processes.

We interconnect our products’ APIs with code.

That code can run many places; to provide the needed functionality.

These tools enable us to automate existing processes and create new features, services, and capabilities.

Programmable Solutions


Introduction to Cisco Design Thinking


You know how to code…

You need problems to solve

Problems that will challenge you

Problems that will result in sales

You want to see your ideas deployed and providing value

You don’t know how to code…

Much of the TSP can be lead without coding

You want to engage your creativity to design solutions that positively impact your customer(s)

You want to develop solutions that will result in sales

What’s in this for you?


What is Design Thinking?

“Design thinking refers to creative

strategies designers utilize during the

process of designing.

“Design thinking in business uses the

designer's sensibility and methods to

match people's needs with what is

technologically feasible and what a

viable business strategy can convert

into customer value and market

opportunity.”

-Wikipedia


The Cisco Design Thinking Framework & Software Programmability Technical Sales Process

“What’s Next”

Raw Ideas

Discover THE

OPPORTUNITY

Define PROBLEMS &

POTENTIAL SOLUTIONS

Explore WOW

SOLUTIONS

Validate with Users

Make Things

High Fidelity Concept

Investment Decision Execute


Validate with Users

This is a fundamental tenet of Design Thinking. You

must constantly validate your ideas and your

conclusions with real users. Anything worth acting on

— and investing in — is worth gut-checking with your

target audience.

Make Things

This is another basic principle of Design Thinking. It’s

not enough to explain your ideas to your users. You

must make things to illustrate your ideas and give your

users something to react to, validate, or reject.

The Guard Rails

design.cisco.com > Resources > Getting Started Book

40 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Introducing SecureX A cloud-native, built-in platform experience within our portfolio

Your Infrastructure

SIEM/SOAR Identity

3rd Party/ITSM Intelligence

Cisco Secure

Applications Cloud

Network Endpoint

Your teams

ITOps SecOps NetOps

Investigation

Remediation

Managed

Policy

Orchestration

Automation

Detection

Analytics

Unified Visibility

SIEM

Web Application Firewall

https://developer.cisco.com/threat-response b: https://github.com/CiscoSecurity

SecureX Threat Response integrations

SOAR / Security IR

Data Awareness

Threat Intelligence Modules

Threat Intel Platform

SecureX Modules

SecureX APIs

https://developer.cisco.com/threat-response



https://github.com/CiscoSecurity

• AppDynamics

• Cisco ACI

• Cisco DNA Center

• Cisco NSO

• Cisco UCS Director

• CloudCenter Suite

• Prime Service Catalog

• Webex Teams

• Amazon Web Service

• Ansible

• Ansible Tower

• Chef

• Google Cloud Platform

• Microsoft Azure

• Microsoft Windows

• Puppet

• ServiceNow

• Splunk

• Terraform

• VMware

• AMQP

• Database JDBC Drivers

• Email (IMAP and SMTP)

• Kafka • Kubernetes

• OpenShift

• Openstack

• Python

• SNMP

• Terminal

Cisco Infrastructure* Third party products* Open-source/general*

* On prem products need remote module - potential schedule risk

SecureX Orchestration integrations

SecureX APIs


SecureX Automation & Orchestration Phishing use case – user experience

Receives email they think

is suspicious, so submits

to SecureX for analysis

Notified if email is

malicious or not with

next steps

Notified if email is

malicious and

remediation

action taken.

End

User

Security

Analyst

Optionally, a team

space can be

created, invite

people, and add

case link/details.

1 2a

2b


Automating security workflows

At MVP, SecureX will ship

with workflows that highlight the

Cisco Security portfolio (engaged SE to identify specific workflows for

each different product)

Customers can modify and/or

build their own workflows using

existing integrations

Mockups subject to change


Automating phishing workflow

Mockups subject to change


www.inictel-uni.edu.pe

¡GRACIAS!

apis & software programmability...•cloudcenter suite •prime service catalog •webex teams...

Documents