Cisco and NVIDIA: Strengthening AI and Security Partnerships

Here’s my take

This announcement is more tangible than the initial collaboration announcement back in February 2024. That announcement felt like an “us too” moment. Now there is a mutual agreement to support Cisco’s Silicon One with the NVIDIA Spectrum-X networking platform, and Cisco is committed to supporting NVIDIA’s Spectrum silicon with Cisco’s operating system.

This announcement means that there will be joint engineering to support heterogeneous environments with the performant and deterministic outcomes enterprises expect from us. The added value of a heterogeneous environment is that it limits exposure to external threats, which are increasingly on the rise, seeking exploits against LLMs supported by large enterprises like Meta.

Part of Cisco’s AI security strategy is software named “AI Defense,” which works to set guardrails and protection for enterprises using these open source LLMs. The future of AI is supporting open ecosystems and partnerships.

Cisco is focused on giving customers choice. Cisco’s AI PODs are focused on 💡 AI inferencing (getting the model to produce an outcome). As models evolve to multistep reasoning, breaking down a complex request into multiple steps and in many cases showing their work to the user, there is a significant scaling law that requires more compute, often referred to as test-time compute. Gemini 2.0 Flash, DeepSeek-R1, and o1-mini are examples of multistep reasoning models. More reasoning can equate to more accurate responses and is critical for autonomous agents in AI and physical AI.

This also means there is a need for more proficient connectivity. Jonathan Ross, CEO of Groq, has similar beliefs about test-time compute becoming 100x the expense of AI training. Although Cisco has compute offers for training, the 885A and 845A, there are very few organizations that will invest in training at scale to create their own foundational model; rather, they will augment the open source models with their own domain knowledge, transfer learning, and agentic AI.

Take a moment to broaden your view outside of AI and into security. Not too far off, and possibly now with Microsoft’s release of Majorana, we will be in a post-quantum era. This era will require a network that can support, adapt, respond to and withstand it. Since Cisco’s Silicon One will be supported in NVIDIA’s Spectrum switch, Cisco essentially has a kernel space to use for protection at the kernel level. Cisco’s acquisition of Isovalent can enable a distributed, highly secure fabric at that kernel level. It will be a requirement to have security so tightly coupled with the network, and Cisco is in the best position to support that requirement with the release of the N9300 data processing unit switch.

    Keep exploring and happy engineering!

    Mike

    Cisco Live 2023 – Top 6 announcements

    Cisco Networking Cloud
    Overview: With simplification at the core of Cisco’s customer-focused momentum, the new Networking Cloud vision sets out how Cisco plans to deliver a single platform experience for seamlessly managing all networking domains. Customers need to shift to a powerful and intelligent platform that can proactively manage the network, eliminate silos, and reduce human workload. At Cisco Live, Cisco will introduce the steps underway to deliver this capability, driven by more unified and consistent experiences, smarter tools, and a simplified portfolio to achieve more robust customer outcomes. News Release: Cisco Showcases Vision to Simplify Networking and Securely Connect the World

    Cisco Security Cloud
    Overview: Cisco is delivering on its promise of the AI-driven Cisco Security Cloud to simplify cybersecurity and empower people to do their best work from anywhere regardless of the increasingly sophisticated threat landscape. Cisco will announce Cisco Secure Access (a security service edge, SSE, solution) that offers frictionless access across any location, any device, and any application through one platform. Cisco is also previewing the first generative AI capabilities in the Security Cloud, including a generative AI-powered Policy Assistant that enables Security and IT administrators to describe granular security policies and evaluate how to best implement them across different aspects of their security infrastructure, and a SOC Assistant that will support the Security Operations Center (SOC) to detect and respond to threats faster. Cisco is also announcing the Secure Firewall 4200 which provides seamless connected experiences at the office or on the road, alongside Cisco Multicloud Defense, which leads the way to security in any environment. News Release: Cisco Shows Breakthrough Innovation Towards AI-First Security Cloud

    Full Stack Observability Platform & DEM
    Overview: Cisco will announce the launch of a new Full-Stack Observability (FSO) Platform, a vendor-agnostic solution that harnesses the power of the company’s full portfolio. The Cisco FSO Platform is focused on OpenTelemetry and is anchored on Metrics, Events, Logs, and Traces (MELT), enabling businesses to seamlessly collect and analyze MELT data generated by any source. The Cisco FSO Platform is also designed as a unified, extensible platform, allowing developers to build their own observability solutions, empowering an ecosystem of customers and partners. News Release: Cisco Launches Full Stack Observability Platform

    Cloud Native Application Security
    Overview: Announced today, Cisco’s Cloud Native Application Security solution, Panoptica, will now provide end-to-end lifecycle protection for cloud native application environments, from development to deployment to production. Panoptica will include an integrated and simplified visual dashboard experience with seamless scalability across clusters and multicloud environments. This will allow teams to secure APIs as well as serverless, containerized, and Kubernetes environments holistically, with less complexity and more efficiency. News Release: Cisco Accelerates Application Security Strategy with Panoptica

    Generative AI – Security & Collaboration
    Overview: Cisco will announce it is reimagining the way people work with new, powerful generative AI technology. Cisco will harness large language models (LLMs) across its Security and Collaboration portfolios to help organizations drive productivity and simplicity for the workforce.
    News Release: Cisco Unveils Next-Gen Solutions that Empower Security and Productivity with Generative AI

    Sustainability
    Overview: Cisco is unveiling new partnerships within sustainable data centers, and advanced energy monitoring with Webex Control Hub. In addition, Cisco will unveil new messaging that speaks to its own sustainability journey and the desire to accelerate total sustainable transformation.
    Blog: Simplifying How Customers Unleash the Power of Our Platforms

    Mike

    Upgrade to ISE 3.1 on AWS

    Below is the prep work for migrating from ISE 2.4 to ISE 3.1+ for AWS. The migration steps are here, but I have summarized them below.

    Cisco ISE is available as an infrastructure-as-code solution leveraging AWS CloudFormation making the deployment of ISE a very light lift. I’ll be walking you through how to deploy ISE on AWS in a later post.

    Step 1 – Base, Plus, Apex, and Device Admin licenses need to be migrated to Smart Licenses
    Step 2 – VM licenses need to be converted
    Step 3 – Migration can occur. Once licenses are prepped and converted, you go to the AWS Marketplace ISE BYOL listing and choose your deployment size. 

    ISE Licensing

    1. AWS ISE requires ISE 3.1+
      1. If upgrading to 3.1 from an existing 2.X release, it is required that a customer migrate their existing licenses to the new licenses and then upgrade to the 3.0 release, i.e., the Base, Plus, and Apex licenses need to be upgraded. Device Admin licenses are grandfathered and need to be upgraded to a Smart License as well.
    2. This requires a Cisco Smart License Account. 
    3. Please refer to the Migration Guide for instructions.

    ISE VM – You need to register the VM Common license for ISE 3.1 and later.

    1. Customers need to migrate their ISE License to the new “Common License.”
      1. To migrate the legacy VM license to the VM Common license, customers need to obtain the $0 upgrade Product ID (PID), “L-ISE-VMC-UPG=,” from Cisco. This is the same PID regardless of which size of VM license you have today.
      2. https://www.cisco.com/c/en/us/products/collateral/security/identity-services-engine/ise-licensing-migration-guide-og.html

    2. To obtain a VM Common License for a net new deployment, you’ll need the new VM PID, “R-ISE-VMC-K9=”. Refer to the table below for a 1:1 mapping.

    These VM licenses are valid in Cisco ISE 3.0 and earlier releases. Again, when you upgrade your Cisco ISE to Release 3.1, you will need to have a VM Common license.

    Upgrade From     Upgrade To       Ratio
    R-ISE-VML-K9=    R-ISE-VMC-K9=    1:1
    R-ISE-VMM-K9=    R-ISE-VMC-K9=    1:1
    R-ISE-VMS-K9=    R-ISE-VMC-K9=    1:1

    How to migrate license

    To migrate the legacy VM license to the VM Common license, customers need to obtain the $0 upgrade PID, “L-ISE-VMC-UPG=,” in CCW. See ISE Licensing Migration Guide for the detailed process.

    Support for VM and License

    Q. What support do customers receive with the new ISE licenses?

    A. The same as with current subscription licenses. With the new ISE software licenses, customers receive embedded SWSS—which covers 24x7x365 Cisco Technical Assistance Center (TAC) support and software updates. However, now Essentials will also have this support.

    More questions and answers here

    Support associated with the legacy VM licenses

    When customers upgrade the version of their legacy VM to VM Common license, they can continue to receive support based on the support contract purchased on legacy VM license PID. They can renew the support until the legacy VM license PID is EOL and reaches the last service renewal date per the EOL bulletin. There is no support for migration. For seamless support, the customer should request the legacy VM PID to be replaced with the desired VM PID in order to renew and receive support.

    Mike

    Protecting the WFH workforce – Defending against COVID-19 malicious domains

    Many organizations have implemented work from home (WFH) strategies due to COVID-19. This measure, although enabling business continuity for many, introduces increased risk to cyber threats and attacks.

    Cisco Talos has been proactively hunting COVID-related outbreaks, educating the public, and pushing these discoveries to all Cisco Security tools for blocking. I encourage you to read the Talos blog posts “Threat Actors attempt to capitalize on coronavirus outbreak” and “Threat Update: COVID-19”.

    Talos goes as far as to list ways that you can defend against COVID related attacks. Cisco Umbrella, in particular, can leverage threat intelligence from Cisco Talos, to uncover and block these malicious domains, IPs, URLs, and files that are used in attacks. It’s not just Talos intelligence that Umbrella can leverage, however. You can take advantage of 3rd party threat intelligence platforms (TIP) that you may have and create a completely robust, kickass defense for your work from home workforce.

    Here’s how –

    Turn on – Newly Seen Domains: As part of Cisco Umbrella intelligence, some domains may be blocked as Newly Seen Domains (NSD). Newly created domains related to COVID-19 will also be flagged as NSD as long as they fit the criteria.

    Third Party Integration: Umbrella supports integrations with SIEM, threat intelligence platforms, or homegrown systems. This feature utilizes the ‘Enforcement API’ in Umbrella.

    Here are the default integrations.

    In this case, I want to show you how to leverage a homegrown system. We’ll call it “COVID-19-BLOCK”

    When you add a new integration, an API key is generated. This API key can be used to make requests to and from Umbrella.

    Our homegrown system is nothing more than a simple Python script that makes POST requests to Umbrella.

    # Custom integration - ADD EVENT URL
    import requests

    # The customerKey is a secret tied to this integration; keep the real value out of source control.
    url = "https://s-platform.api.opendns.com/1.0/events"
    params = {"customerKey": "c988727a-XXX-XXXX-XXXX-XXXXXXXXX"}

    # Event describing the domain to add to the integration's block list
    payload = {
        "alertTime": "2013-02-08T11:14:26.0Z",
        "deviceId": "ba6a59f4-e692-4724-ba36-c28132c761de",
        "deviceVersion": "13.7a",
        "dstDomain": "coronadiseasenews.com",
        "dstUrl": "http://coronadiseasenews.com/a-bad-url",
        "eventTime": "2020-03-31T09:30:26.0Z",
        "protocolVersion": "1.0a",
        "providerName": "Security Platform",
    }
    headers = {"Content-Type": "application/json"}

    # json= serializes the payload; the timeout keeps the script from hanging on network errors
    response = requests.post(url, params=params, headers=headers, json=payload, timeout=10)

    print(response.status_code, response.text)

    After running the script, we can confirm that our request to block the COVID-19 malicious domain was successful.

    As you can see, we were successful in adding this malicious domain to our block list.

    Now, take a moment to expand on this custom integration that we just made. There are roughly 70,000 COVID-19 malicious domains, and the number is growing daily. What if we were able to take all of the published COVID-19 malicious domains and add them to an Umbrella block policy like we did above?

    I think that would make any CSO smile.
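One way to expand the custom integration to a whole feed, as an added example that is not part of the original script or any Cisco tooling: it cleans a published domain list (defanged entries, duplicates, junk lines, your own domains) before sending one event per domain in the same field layout as above. The feed format, the `.example` domains, the allowlist and the function names are assumptions made for illustration.

```python
import json
import re
import urllib.request
from datetime import datetime, timezone

EVENTS_URL = "https://s-platform.api.opendns.com/1.0/events"  # endpoint from the script above
HOSTNAME_RE = re.compile(r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")
# Constructed sample feed (not real indicators): comment, duplicate, defanged URL, junk.
SAMPLE_FEED = """# constructed sample
covid-relief.example
COVID-Relief.example
hxxp://mask-shop[.]example/login
not a domain
intranet.corp.example
"""

def clean_domains(feed_text, allowlist=()):
    """Normalize feed lines to unique, valid hostnames; drop allowlisted ones."""
    seen, out = set(), []
    for line in feed_text.splitlines():
        item = line.strip().lower().replace("[.]", ".")
        if not item or item.startswith("#"):
            continue
        host = re.sub(r"^[a-z]+://", "", item).split("/")[0].split(":")[0].rstrip(".")
        if not HOSTNAME_RE.match(host) or host in seen:
            continue
        if any(host == a or host.endswith("." + a) for a in allowlist):
            continue  # never push your own domains into a block list
        seen.add(host)
        out.append(host)
    return out

def build_event(domain, now=None):
    """One event in the field layout of the script above (device values copied from it)."""
    ts = (now or datetime.now(timezone.utc)).strftime("%Y-%m-%dT%H:%M:%S.0Z")
    return {"alertTime": ts, "eventTime": ts, "dstDomain": domain, "dstUrl": f"http://{domain}/",
            "deviceId": "ba6a59f4-e692-4724-ba36-c28132c761de", "deviceVersion": "13.7a",
            "protocolVersion": "1.0a", "providerName": "Security Platform"}

def submit(domains, customer_key, opener=urllib.request.urlopen):
    """POST one event per domain, as the script above does; returns {domain: HTTP status}."""
    results = {}
    for d in domains:
        req = urllib.request.Request(f"{EVENTS_URL}?customerKey={customer_key}",
                                     data=json.dumps(build_event(d)).encode(),
                                     headers={"Content-Type": "application/json"})
        with opener(req, timeout=10) as resp:
            results[d] = resp.status
    return results
```

Run `clean_domains` over the feed and review the result before calling `submit`, since a single bad feed entry would otherwise become a block for every user behind the policy.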

    Mike

    DUO MFA

    The Challenge and the Solution

    Modern enterprises demand agility. The mobile workforce and the bring your own device (BYOD) trend have sparked a digital transformation. Organizations have to deal with a diverse set of users, such as employees, contractors and partners, who work from anywhere at any time and on any device. The proliferation of user types, devices and access locations increases security risks for organizations.

    It’s no longer safe to assume that users are who they say they are and their devices are secure. 

    Duo’s focus is on securing access for any user connecting to any application from any device. The new network perimeter is wherever an access decision happens. Duo protects this new perimeter by verifying user trust (confirming a user is who they say they are) using its best-in-class adaptive multi-factor authentication (MFA) solution.

    As a result, Duo integrates with any application with ease, provides self-enrollment and an excellent end-user experience.

    AnyConnect with DUO

    Where’s the proof?
    Options Technology
    Facebook

    WANT TO TRY IT?
    Demo DUO

    Need to know more? https://duo.com

    Mike