© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
www.inictel-uni.edu.pe
Miguel Garro CISM, CEH
Cybersecurity TSA
Perú, Ecuador, Bolivia
Programabilidad enfocada en ciberseguridad como futuro inmediato
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Unprecedented demands on the network
Digital disruption Complexity Security
Security
63 million new devices
online every second
by 20201
3x more spending on
network operations
than on the network2
6 months to
detect breach3
Lack of business and IT insights Slow and error-prone operations Unconstrained attack surface
1 Gartner report - Gartner’s 2017 Strategic Roadmap for Networking 2 McKinsey study of network operations for Cisco – 2016 3 Ponemon Research Institute Study on Malware Detection, March 2016
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Trends
Apps & Devices
Reduce OpEx
Data-Driven Insights
Time-to-Value
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
“We have to have the network do more than it has ever done before, and we have to move faster than we ever have before.” -Chuck Robbins
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IT Operations Today
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
…we simply can’t have the Humans be the doers of the work; we need them to be the designers of the work.
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
for switch in my_network:
for interface in switch:
if interface.is_down() and interface.last_change() > thirty_days:
interface.shutdown()
interface.set_description("Interface disabled per Policy")
Codify: The Value of Software Programmability
Coding is the process of writing down instructions, in a language a computer can understand, the steps needed to complete a specific task.
Q: What task? A: Your task.
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
API & Language Maturity
RESTful Software APIs
Expressive Modern Languages
Online Communities
Open Source
Social Code Sharing (GitHub)
Public Package Repositories
What changed?
You can get powerful things done with relatively small amounts of code!
…and even more with incremental investment!
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Application Programming Interface (API)
“It’s a way for two pieces of software to talk to each other”
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Simple Software Interfaces: The Value of APIs
request
response OK!
>>> do(this)
Done. Action was successful.
>>> configure(feature)
Complete: {“config”: …}
>>> get(data)
Here you go: {“device”: …}
Machine-to-Machine Interfaces
Make Specific Requests of your
App or Infrastructure Do this…
Configure Feature X
Get Data Y
Get easily interpreted responses
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Tools | CLI Scripts, Brower-based Apps, Native Apps Automate Tasks, Execute Repetitious Work, Provide Human Interfaces to Data
• Services | APIs, Web Services, Backend-Automations, Data
Repositories Provide Remote Access to Automations, Access to Data, Automate Event Handling, Create New Technical Capabilities
• Abstractions | Business Capabilities Combine Smaller Processes to Create Larger Business Capabilities
What can you create?
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Creating & Using Automation | Vendor Supplied
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Creating & Using Automation | Admin Tools
Purpose-Driven Single-Task Automation
Bulk Tasks
Configuring Devices
Retrieving Information
Routine Maintenance
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Creating & Using Automation | Services
Connect Events to Actions
Automate or Augment a Process
Incorporate Cisco and 3rd Party Tech
Create New Features
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Creating & Using Automation | Abstractions (Business Capabilities)
Combine Services to Create Meaningful Abstractions
Create New IT or Line-of-Business Capabilities:
Open a new Store
Deploy a new App
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Building Organizational Proficiency in Automation
Start Small Automate a Routine Task.
Improve Reliability and Features.
Share Share with peers.
Expose Enable others to use the
Automation.
Codify Departments codify their
processes.
Expose Departments expose Internal
Services.
Integrate Interdepartmental work is
transacted via Service
Interfaces.
Differentiate Create new value chains:
Interconnecting Services
and Extracting Insights from
Data
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
with Automation
Customer’s
Business
Processes
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
CIOs Separate Modalities, Create Value by Embedding IT in both Business Operations and Business Transformation
Lines-of-Business Resources Producers and Consumers of Data, Partners in Creating Differentiated Value
IT Management Producers and Curators of Exposed Digital Services and Data, Talent Managers
Senior Technical Leaders Infrastructure Architects, Creators of Automations, Services, and Digital Capabilities
Junior Technical Staff Hardware and Cabling Installation and Maintenance, User of Tools and Software Automations
Roles | Evolution & Reinvention
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Underpinning Bimodal IT
Mode
1 2 Mode
Simplify App & Device Deployment
Shorten Time-to-Detect & Respond
Automate Repetitious Tasks & Expose Services
Create Competitive Differentiated Value
Create Recombinant Capabilities
Extract Insights from Data
DNA Center, Zero-Touch Provisioning, SDA,
Cisco Container Platform (CCP), AppDynamics
DNA Analytics and Assurance, Stealthwatch,
Encrypted Traffic Analytics
DevNet, DNA Center as a Platform, CCP, YANG Models, Ansible, … DNA Analytics,
AppDynamics, IoE Edge
Computing, Data APIs
Support Modern Micro-Services
App Architectures: ACI, CCP, &
IOX
Applying Cisco Design Thinking with
Composable & Software Programmable
Solutions to Create New Business
Capabilities
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Executing on Market Needs
Mode
1 2 Mode
Apps & Devices
Reduce OpEx
Data-Driven Insights
Time-to-Value
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Simplification | “Effect the same result with less effort.”
Automation
Human Intent
Push x policies
with y inputs to
z devices.
When x happens,
do y.
Deploy a new site
to support x
users called y.
Programmatic Action
Carried out via APIs
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Programmable Solutions
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Q: What can you do with our APIs? A: What our products can do!
Create policies
Add devices
Get security activity data
Investigate a domain
Configure a block list
…
Provision a user
Create a space
Add/remove people
Post a message/file
Respond to messages
…
Configure an interface
Enable/configure routing
Get device inventory
Get routing table
Configure access list
…
Create a service profile
Create/manage policies
Get inventory
Update firmware
Remove service profile
…
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
…only now…
In bulk
In response to events
As part of an automated process
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
This is what a programmable solution looks like:
Our products (and third-party products)
Exposing APIs
Interconnected by Code
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Container
User’s Device Administrator’s
Workstation
Server Cisco Networking
Device
Private Cloud Public Cloud
- Native Apps
- Web Apps
- Admin Scripts
- Tools
- Automated Processes
- Web Services
- System Integrations
- Edge Apps
- Local Automations
- Automated Processes
- Web Services
- System Integrations
- Cloud Native Apps
Where does that code run?
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Automate Processes
Create / Extend Product Features
Integrate Products
Create New Services / Capabilities
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
When we sell programmable solutions, we sell what is on the truck.
Tailored to our customer’s IT and business processes.
We interconnect our products’ APIs with code.
That code can run many places; to provide the needed functionality.
These tools enable us to automate existing processes and create new features, services, and capabilities.
Programmable Solutions
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Introduction to Cisco Design Thinking
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
You know how to code…
You need problems to solve
Problems that will challenge you
Problems that will result in sales
You want to see your ideas deployed and providing value
You don’t know how to code…
Much of the TSP can be lead without coding
You want to engage your creativity to design solutions that positively impact your customer(s)
You want to develop solutions that will result in sales
What’s in this for you?
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
What is Design Thinking?
“Design thinking refers to creative
strategies designers utilize during the
process of designing.
“Design thinking in business uses the
designer's sensibility and methods to
match people's needs with what is
technologically feasible and what a
viable business strategy can convert
into customer value and market
opportunity.”
-Wikipedia
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
The Cisco Design Thinking Framework & Software Programmability Technical Sales Process
“What’s Next”
Raw Ideas
Discover THE
OPPORTUNITY
Define PROBLEMS &
POTENTIAL SOLUTIONS
Explore WOW
SOLUTIONS
Validate with Users
Make Things
High Fidelity Concept
Investment Decision Execute
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Validate with Users
This is a fundamental tenet of Design Thinking. You
must constantly validate your ideas and your
conclusions with real users. Anything worth acting on
— and investing in — is worth gut-checking with your
target audience.
Make Things
This is another basic principle of Design Thinking. It’s
not enough to explain your ideas to your users. You
must make things to illustrate your ideas and give your
users something to react to, validate, or reject.
The Guard Rails
design.cisco.com > Resources > Getting Started Book
40 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Introducing SecureX A cloud-native, built-in platform experience within our portfolio
Your Infrastructure
SIEM/SOAR Identity
3rd Party/ITSM Intelligence
Cisco Secure
Applications Cloud
Network Endpoint
Your teams
ITOps SecOps NetOps
Investigation
Remediation
Managed
Policy
Orchestration
Automation
Detection
Analytics
Unified Visibility
SIEM
Web Application Firewall
https://developer.cisco.com/threat-response b: https://github.com/CiscoSecurity
SecureX Threat Response integrations
SOAR / Security IR
Data Awareness
Threat Intelligence Modules
Threat Intel Platform
SecureX Modules
SecureX APIs
• AppDynamics
• Cisco ACI
• Cisco DNA Center
• Cisco NSO
• Cisco UCS Director
• CloudCenter Suite
• Prime Service Catalog
• Webex Teams
• Amazon Web Service
• Ansible
• Ansible Tower
• Chef
• Google Cloud Platform
• Microsoft Azure
• Microsoft Windows
• Puppet
• ServiceNow
• Splunk
• Terraform
• VMware
• AMQP
• Database JDBC Drivers
• Email (IMAP and SMTP)
• Kafka • Kubernetes
• OpenShift
• Openstack
• Python
• SNMP
• Terminal
Cisco Infrastructure* Third party products* Open-source/general*
* On prem products need remote module - potential schedule risk
SecureX Orchestration integrations
SecureX APIs
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
SecureX Automation & Orchestration Phishing use case – user experience
Receives email they think
is suspicious, so submits
to SecureX for analysis
Notified if email is
malicious or not with
next steps
Notified if email is
malicious and
remediation
action taken.
End
User
Security
Analyst
Optionally, a team
space can be
created, invite
people, and add
case link/details.
1 2a
2b
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Automating security workflows
At MVP, SecureX will ship
with workflows that highlight the
Cisco Security portfolio (engaged SE to identify specific workflows for
each different product)
Customers can modify and/or
build their own workflows using
existing integrations
Mockups subject to change
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Automating phishing workflow
Mockups subject to change
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
www.inictel-uni.edu.pe
¡GRACIAS!