About (Edit profile)

This author has not yet filled in any details.
So far has created 1829 blog entries.

Announcing the Build for Better Code Challenge Winners on May 15, 2024 at 3:59 pm

We invited the Cisco DevNet community to use automation and AI to demonstrate the significant role technology can play in addressing tech's ecological footprint. We were blown away by the community participation.

​[[{"value":"

The results are in for the Build for Better Code Challenge, highlighting two standout solutions that effectively combine automation or AI with sustainability. In this challenge, we asked you, the Cisco DevNet community, to use automation and AI to address pressing environmental issues, demonstrating the significant role technology can play in enhancing our ecological footprint. And we were blown away by the community participation.

Congratulations to GreenOps Tracker and Green Monitoring! These standout entries not only exemplify the ingenuity and practical impact of integrating automation and AI with sustainability efforts but also demonstrate how targeted solutions can significantly enhance environmental sustainability. As we explore the innovative technologies each project employs to address specific environmental challenges, it’s clear that our developer community possesses tremendous potential to drive meaningful change. To further optimize these winning solutions, each team will receive mentorship from Jason Davis, Distinguished Engineer at Cisco. This mentorship will focus on advancing AI integration within their projects, reinforcing Cisco’s commitment to leading the conversation on AI-driven sustainability.

Take a Look: Build for Better Winners

GreenOps Tracker: Automating Sustainability in Server Operations

GreenOps Tracker innovates server management by optimizing resource usage, thereby minimizing energy consumption and reducing CO2 emissions. Developed to empower server administrators with real-time data, GreenOps Tracker utilizes Performance Co-Pilot (PCP) and Ansible Event-Driven technologies to monitor Linux servers, automatically adjusting their configurations based on real-time events. This system not only reduces operational costs but also supports environmental sustainability goals by ensuring that servers operate with optimal resources, avoiding unnecessary energy use.

The core of GreenOps Tracker’s functionality lies in its ability to dynamically respond to changes in server performance metrics such as CPU usage, memory load, and system temperature. By integrating PCP for monitoring and using webhooks to trigger Ansible playbooks, the system provides a proactive management tool that adjusts resources without human intervention. This automatic adjustment is crucial for maintaining efficiency in data centers where even minor improvements can lead to significant reductions in power consumption and carbon footprints. The future prospects for GreenOps Tracker include expanding its metric support and integrating with Grafana to provide even more comprehensive energy consumption insights, promising further advances in sustainable IT management.

Explore GreenOps Tracker on Code Exchange >

Green Monitoring: Tracking Sustainability in Real-Time

Green Monitoring is a sustainable solution engineered by a team at Cisco that uses an open-source technology stack to monitor the energy and CO2-equivalent emissions of network and data center devices. It targets a range of equipment including IOS-XR and NX-OS devices, Meraki switches, UCS servers, ACI APIC nodes, and third-party PDUs from Eaton and Raritan. This tool not only tracks energy consumption and carbon footprints but also correlates these metrics with traffic, bandwidth, and costs, offering enterprises crucial insights for optimizing sustainability.

The backbone of Green Monitoring comprises gRPC streaming telemetry, Telegraf data processing, InfluxDB for data storage, and Grafana for visualization. This setup facilitates real-time monitoring and historical analysis, empowering users with actionable data to enhance their infrastructure’s energy efficiency. The solution’s extensive use of open-source technologies lowers barriers to entry and supports Cisco’s developer community in adapting and expanding the project to other sustainability metrics or customized use-cases.

Explore Green Monitoring on code exchange >

Next Steps: Leveraging Cisco AI for Sustainability

As you draw inspiration from the Build for Better Code Challenge winners, continue your exploration of AI’s role in sustainability with Cisco’s tools and resources.

Visit the Cisco DevNet AI Resource Hub to access learning labs, sample code, and videos on predictive and generative AI. These resources are designed to help you develop effective, sustainable solutions using AI technology.
Missed Developer Sustainability Week? No problem. You can watch the recordings of our webinar and workshop to gain insights into optimizing resources and enhancing system efficiencies for sustainability.
Explore our blog on AI programming languages to discover which programming languages are best suited for various AI tasks.
Stay engaged and expand your network. Join the DevNet Webex community, where you can connect with peers, share your projects, and find new collaboration opportunities.

Thank you to everyone who participated in this inaugural DevNet code challenge! We look forward to future challenges.

Share

"}]]  We invited the Cisco DevNet community to use automation and AI to demonstrate the significant role technology can play in addressing tech's ecological footprint. We were blown away by the community participation.  Read More Cisco Blogs 

By |2024-05-16T01:55:37+00:00May 16, 2024|Cisco: Learning|0 Comments

A New Day for Cisco’s Go-to-Market on May 15, 2024 at 8:06 pm

Over the last 40 years, Cisco has built one of most sophisticated and extensive Go-to-Market (GTM) engines in the industry. Today, we are taking the next step in that mission.

​[[{"value":"

When we announced the successful close of Cisco’s acquisition of Splunk on March 18, it marked the beginning of a new chapter for our company, our customers, and the market. Our complementary capabilities across security, observability, and data are going to help our customers improve their digital resiliency and maximize the massive opportunities in areas like AI.

At the same time, the demands of our customers are constantly evolving, and they need a strategic partner who can adjust to changing market conditions and help them achieve their most urgent outcomes. Over the last 40 years, Cisco has built one of most sophisticated and extensive Go-to-Market (GTM) engines in the industry. Today, we are taking the next step in that mission.

I am pleased to share that Gary Steele, the former CEO of Splunk who joined Cisco as part of the acquisition, will be stepping into the newly created role of President, Go-to-Market. In this role, Gary and his team will evolve our sales and Go-to-Market motions to execute against strategy, align with customer needs, and drive a culture of intense competition, agility, and continuous improvement. Gary’s new organization will include Cisco’s Sales, Partner, and Global Marketing teams.

Since officially joining Cisco two months ago, Gary has played an integral role in the integration of Splunk, which is absolutely vital to our future growth. To ensure we are successful in this mission, the Splunk team will remain reporting into Gary.

Gary brings over 30 years of experience and a proven track record of successfully scaling SaaS operations and growing multi-billion-dollar global enterprises. In his two years as Splunk’s CEO, Gary grew revenues by nearly 60%, including ARR growth of 35%, while driving a dramatic and successful company transformation and accelerated innovation across their portfolio. As the founding CEO of Proofpoint, Gary grew the company from an early-stage start-up to a leading, publicly traded company.

His operational mindset, combined with his intense focus on simplicity and proven ability to drive growth, position him well as the new leader of this organization. Representing the voice of the customer, he will build new processes, listening systems, and feedback loops to drive effective prioritization, decision-making, and alignment between our GTM and engineering teams.

As part of these changes, Jeff Sharritts, our current EVP and Chief Customer and Partner Officer, will be leaving Cisco towards the end of our fiscal year in mid-July. Jeff is a 24-year Cisco veteran with a long list of accomplishments. Known for his authenticity and integrity, he is well respected at Cisco, and we are grateful for his leadership and unwavering dedication to Cisco, and our customers.

As we look ahead, I am extremely confident in our future and our ability to be the strategic partner our customers need to achieve their most pressing outcomes. With Splunk as a part of Cisco, we have unique and differentiated positions across AI, security, observability, data, and more. Our portfolio of solutions is coming together in new ways to solve challenges that were once deemed unsolvable.

I look forward to partnering deeply with Gary to make that happen and I’m grateful for Jeff’s many years of partnership and friendship.

Share

"}]]  Over the last 40 years, Cisco has built one of most sophisticated and extensive Go-to-Market (GTM) engines in the industry. Today, we are taking the next step in that mission.  Read More Cisco Blogs 

By |2024-05-16T01:55:36+00:00May 16, 2024|Cisco: Learning|0 Comments

Black Hat Asia 2024 NOC: Cisco Security Cloud on May 15, 2024 at 12:00 pm

Protecting Black Hat Asia NOC with Cisco Security Cloud

​[[{"value":"

Cisco is honored to be a partner of the Black Hat NOC (Network Operations Center), and this was our seventh year supporting Black Hat Asia. Cisco is the Official Mobile Device Management, Malware Analysis and DNS (Domain Name Service) Provider.

We work with other official providers to bring the hardware, software and engineers to build and secure the network, for our joint customer: Black Hat.

Arista: Network Equipment
Corelight: Network Analytics and Detection
MyRepublic: Broadband
NetWitness: Threat Detection & Response, Identity
Palo Alto Networks: Network Security Platform

The primary mission in the NOC is network resilience. The partners also provide integrated security, visibility and automation, a SOC (Security Operations Center) inside the NOC.

On screens outside the NOC were displayed partner dashboards for the attendees to view the volume and security of the network traffic.

It All Started with Malware

Cisco joined the Black Hat NOC in 2016, when asked to provide automated malware analysis with Thread Grid. The Cisco contributions to the network and security operations evolved, with the needs of the customer, to include more components of the Cisco Security Cloud.

Breach Protection Suite
Cisco Secure Malware Analytics (Formerly Threat Grid): sandboxing and integrated threat intelligence

User Protection Suite
Cisco Umbrella: DNS visibility for the conference network and protection for iOS devices
Cisco Security Connector: iOS device security and visibility, managed with Meraki Systems Manager

Cloud Protection Suite
ThousandEyes: Network observability / availability

The NOC leaders allowed Cisco (and the other NOC partners) to bring in additional software to make our internal work more efficient and have greater visibility; however, Cisco is not the official provider for Extended Detection & Response, Network Detection & Response or Collaboration.

Breach Protection Suite
Cisco XDR: Threat Hunting / Threat Intelligence Enrichment / Executive dashboards / Automation with Webex
Cisco XDR Analytics (Formerly Secure Cloud Analytics / Stealthwatch Cloud): network traffic visibility and threat detection

Cisco Webex: Incident notification and team collaboration

The Cisco XDR Command Center dashboard tiles made it easy to see the status of each of the connected Cisco Security technologies, and the status of ThousandEyes agents.

When the partners deploy to each conference, we set up a world class network and security operations center in three days. Our goal remains network up time and creating better integrated visibility and automation. Black Hat has the pick of the security industry tools and no company can sponsor/buy their way into the NOC. It is invitation only, with the intention of diversity in partners, and an expectation of full collaboration.

As a NOC team comprised of many technologies and companies, we are continuously innovating and integrating, to provide an overall SOC cybersecurity architecture solution. We look forward to continuing the work with partner Palo Alto Networks, for further automation at Black Hat USA 2024.

Below are the Cisco XDR integrations for Black Hat Asia, empowering analysts to investigate Indicators of Compromise (IOC) very quickly, with one search.

We appreciate alphaMountain.ai, Pulsedive and Recorded Future donating full licenses to Cisco, for use in the Black Hat Asia 2024 NOC.

Cisco Networking and Security
Third Party
1
Meraki System Manager
alphaMountain.ai
2
Secure Endpoint for iOS
APIVoid
3
Secure Malware Analytics
AlienVault OTX
4
ThousandEyes
CyberCrime Tracker
5
Umbrella DNS
Google Safe Browsing
6
Webex
NetWitness / Custom relay
7
XDR Analytics
Pulsedive
8
Cisco Telemetry Broker
Recorded Future
9

Shodan
10

Threatscore | Cyberprotect
11

VirusTotal
12

Slack
13

urlscan

An example of this is an investigation of a potentially malicious activity on the 2nd day of Training. An IP address was identified by NetWitness for possible geolocation leakage.

Investigation of the IP correlated the syslog sightings from the partner technologies in the NetWitness logs, with threat intelligence from Pulsedive, Recorded Future, alphaMountain and others.

Reviewing the DNS logs and the details of the packet capture in both Corelight and NetWitness, it was confirmed no geolocation data was leaked and it was part of a Training course. The activity would have been blocked in a production environment.

A core integrated workflow in the Black Hat NOC is NetWitness and Corelight sending suspicious files to Secure Malware Analytics. Over 4,900 samples were submitted.

The NOC analysts also used Malware Analytics to investigate suspicious domains, without the risk of infection. Rather than going to the website on a corporate or Black Hat assets, we were able to interact with the website in the glovebox, including downloading and installing the website payload.

Detonating files or browsing websites in Secure Malware Analytics protects the analysts from accidental infection.

We saw a series of similar (but different hash values) exploit kits downloaded on the first day in the Business Hall. The downloads were on the conference Wi-Fi and not in a Training course, so the event had to be investigated to confirm there was not an attack on the attendees. Working with the Corelight team, the NOC responders parsed the traffic and confirmed it was a Capture the Flag event, which continued into the last day of the conference.

Threat Hunters’ Story, by Aditya Raghavan and Shaun Coulter

In the Black Hat Asia 2024 NOC, Shaun staffed the morning shifts, and Aditya the afternoon shifts, as threat hunters focused on the Cisco XDR and Secure Malware Analytics consoles. Mornings were usually pretty chill. However, and for some heretofore unknown (coffee related?) reason, the activity ramped up in the afternoon on most days, leading Aditya to a place of “involved joy”, and Shaun to a place of tormented jealousy :D. With dogged determination both hunters spent their time reviewing alerts, activities, and conducted IOC scans using XDR Investigate. They reviewed submitted samples and network logs for signs of intrusion or suspicious activity.

Using Secure Malware analytics, they dissected malware samples, analyzed phishing campaigns, and scrutinized network traffic patterns for anomalies. Numerous alerts flagged as spikes in traffic from unexpected sources, strange destinations and odd variants of malicious code popped up multiple times, initiating thorough investigations. In most cases, they traced the anomaly to an authorized Black Hat Training or Briefing source and closed such cases as “Black Hat Positive”; meaning you would not allow this on your production network, but for Black Hat, it is business as usual. Since Black Hat is a conference designed for learning about offensive security, these malware samples are expected, and marked as such.

Thankfully or unthankfully, as the system tuning was completed, most alerts raised were as above and expected or actually ‘near misses’ – items that warrant investigation but did not extend to impactful behaviours, as we were able to stop them in time.

On the first day of Briefings, as Shaun is dutifully poring through the console of Secure Malware Analytics, in walks Aditya to relieve the shift. Greetings aside, Shaun quickly pivots over excitedly “Brother, I want to show you a couple of interesting things.” Aditya’s interest is piqued, and Shaun opens a new dashboard showing one of the recently released features of Cisco XDR – MITRE ATT&CK ® Coverage Map.

This new capability quickly displays all the tactics and techniques in the MITRE ATT&CK® matrix for which Cisco XDR has detections/coverage. In addition to the XDR Native, detections from Secure Endpoint and Secure Malware Analytics are also used to derive the coverage map making it a holistic view. This view allows the user to visualize the detections of XDR natively, as well as the integrated solutions and identify the scope of coverage and importantly, map out the gaps for future consideration. Thanks to the Cisco Talos team, all solutions within the Cisco Breach Protection Suite are mapped today and this would be rolled out to include other suites and solutions, including 3rd party integrations, soon.

As our threat hunters geek out on the behind-the-scenes stuff on XDR, Jessica politely calls out “Adi. Shaun. Guys, there is some new activity on Umbrella. Can you look into it?” Nudged back to reality, our threat hunters get to work – finding needles in the stack of needles at Black Hat as it was rightly put by Grifter! Talking about that, the new activity appears to be a query for a domain classified as a Command & Control (C&C) domain. Let’s dig into it.

A quick look into Umbrella Activity Search shows the latest traffic activity matching the C&C category that was allowed. Expanding the details pane, we can see the domain being queried and the identity of the endpoint issuing the query which appears to be from the ‘Hacking Enterprises 2024 Red Team’. That is a legitimate Training class at Black Hat Asia 2024. We pivot over to Umbrella Investigate and see the reason for this domain being categorized as C&C and its indicators.

Let’s head over to XDR and query this observable against all the integrated solutions for more intel. We quickly get a visual connected graph and tabulated events on all the relevant intel. The integration with NetWitness Logs provides us with events related to that domain, as well as populating the graph with those relationships, along with the Umbrella event which was the source for this hunt.

Looking at the evidence, this turned out to be another needle! Nothing untoward here, we classified this as a ‘Black Hat Positive’ and moved on. As the afternoon shift winds down, the team is discussing potential destinations for dinner and there is always dessert to look forward to at the end. Aditya and Ryan were pining for rich ice cream and Home Best Dessert turns out to be the right solution for the ask. In the NOC, the right solution is almost always teamwork with all our partners.

One such instance was when a Corelight hunter picked up a spike of traffic to unusual destinations. These appear to be DNS queries to a bunch of C&C domains. We quickly delve into Umbrella showing us all the domains being queried in a short window and most of them being Malware and/or C&C categorized. This appears to be a system either being compromised or someone intentionally doing a test / recon for those domains.

Let’s investigate some of these domains in XDR. We can see a lot of red icons on this visualization! In fact, every queried domain is classified as Malicious and known to host other malicious content. This doesn’t look expected for sure and that puts the intentional test / recon theory to rest quickly. Ben Reardon, the hunter from Corelight, puts it succinctly “This box is pwned six ways to Sunday!” What else can we find about this system then?

Looking at the DHCP logs for the IP address, the Corelight hunter was able to pinpoint the device MAC address and hostname, which resembled a name. A short Google search later, we have a potential device owner and the fact that he was delivering a session at Black Hat in one of the rooms next door! A short conversation with the person after his session ensued, where the NOC leads advised the NOC’s findings on his compromised system. He was grateful for the finding and reached out for additional context. This one turned out to be a ‘True Positive.’

The following day, the team has zeroed in on Turkish food for the evening. Ryan halts Shaun as he departs at the end of his shift and demands his hotel name and room number. “I’m gonna come knock at your door and wake you up tonight, man. I mean it. No day is too long. I used to do my shifts on three hours of sleep. Now, let’s go!” Ryan is deadpan serious. That is what we thought while investigating our next potential malware finding.

Another event on the Umbrella console comes to our attention and this time it is a query for a domain categorized as Malware. The source endpoint is quickly identified from the Identity and Umbrella investigate tells us this domain is part of the Malware block list. In a normal production network, this would ideally be blocked.

Black Hat isn’t your normal production network, and it attracts all kinds of security folk. And that is exactly what it turned out to be this time. The National University of Singapore has a group organizing regular capture the flag (CTF) events and is running a similar get-together at Black Hat. Go NUS Greyhats!

Activities involving malware what would be blocked on a corporate network must be allowed, within the confines of Black Hat Code of Conduct.

Network Observability with ThousandEyes, by Adam Kilgore and Patrick Yong

Deploying ThousandEyes at Black Hat is a rigorous process involving a lot of hardware (some shown below), configuration, testing, troubleshooting, and running around the conference center.

In addition to our typical deployment tasks, we implemented multiple improvements to the service. These improvements included an overhaul of the dashboards to show granular data for each conference room, alongside aggregate data for the entire conference; and better labeling and organization of deployed agents.

The ThousandEyes dashboard was projected on the large screen in the NOC, for alerting on any network issues, prior to reports from users.

On the troubleshooting side, we improved our log analysis and collection techniques and set up centralized monitoring of wireless data. These efforts contributed to improvements in visibility and agent uptime throughout the conference.

During the initial two days of Training sessions at Black Hat, ThousandEyes agents showed only minor deviations from baseline as the Training sessions came online. As the Training sessions continued, performance was stable, with only rare alerts for minor degraded throughput or moderate latency spikes. On Thursday, all the two-day Training sessions were closed, and the conference shifted towards Briefings, alongside two four-day Training sessions that ran for the conference’s length. With start of Briefings and opening the Business Hall, headcounts drastically increased. ThousandEyes saw degraded performance on the network, primarily in the large conference rooms hosting the Briefings. The below image shows a test result from the Hibiscus 3610 ballroom:

The network path above shows heavy latency on the first link to the default gateway, compounded by another high latency link outside the conference network. A breakdown of connectivity for the above path is shown below:

The throughput number above is key to this investigation. The Access Points (APs) for the Hibiscus 3610 ballroom had an average throughput of around 174 Mbps. Reviewing AP logs, we found that 92 users were connected to the same AP from which the test was run. Dividing the 174 Mbps by 92 gives an average throughput in line with the 1.7 Mbps shown above, so the poor connectivity was driven by oversaturation of user connections in this area.

The Hibiscus 3610 room and other agents in a nearby hallway consistently had the worst connection among the conference rooms, as shown by our agent polling results.

While there were limitations in the amount of bandwidth available for the conference in general, the data above suggests more of the available AP and bandwidth resources should be allocated to the Hibiscus 3610 ballroom and adjacent hallways for future conference topologies, which was shared with our Network Equipment partner.

Meraki Systems Manager, by Paul Fidler and Connor Loughlin

Our eighth deployment of Meraki Systems Manager as the official Mobile Devices Management platform went very smoothly, and we introduced a new caching operation to update iOS devices on the local network, for speed and efficiency. Going into the event, we planned for the following types of devices and purposes:

iPhone Lead Scanning Devices
iPads for Registration
iPads for Session Scanning

We registered the devices in advance of the conference. Upon arrival, we turned each device on.

Then we ensured Location Services enabled, always on.

Instead of using a mass deployment technology, like Apple’s Automated Device Enrollment, the iOS devices are “prepared” using Apple Configurator. This includes uploading a Wi-Fi profile to the devices as part of that process. In Las Vegas, this Wi-Fi profile wasn’t set to auto join the Wi-Fi, resulting in the need to manually change this on 1,000 devices. Furthermore, 200 devices weren’t reset or prepared, so we had those to reimage as well.

Black Hat Asia was different. We took the lessons from Black Hat USA 2023 and coordinated with the contractor to prepare the devices. Now, if you’ve ever used Apple Configurator, there’s several steps needed to prepare a device. However, these can be combined into a Blueprint.

For Black Hat Asia this included:

Wi-Fi profile
Enrollment, including supervision
Whether to allow USB pairing
Setup Assistant pane skipping

In Meraki Systems Manager, we controlled the applications by the assigned use, designated by Tags. When we came in on the first morning of the Briefings, three iPhones needed to be changed from lead scanning in the Business Hall, to Session Scanning for the Keynote, so the attendees could fill the hall faster. Reconfiguring was as simple as updating the Tags on each device. Moments later, they were ready for the new mission…which was important as the Keynote room filled and had to go to an overflow room.

We also were able to confirm the physical location of each device if wiping was required due to loss or theft.

When it was time for the attendees to register, they just displayed their QR code from their personal phone, as received in email from Black Hat. Their badge was instantly printed, with all personal details secured.

This goes without saying, but the iOS devices (Registration, Lead Capture and Session Scanning) do have access to personal information. To ensure the security of the data, devices are wiped at the end of the conference, which can be completed remotely through Meraki Systems Manager. 

Content Caching

One of the biggest problems affecting the iOS devices in Black Hat USA 2023 was the immediate need to both update the iOS device’s OS due to a patch to fix a zero-day vulnerability and to update the Black Hat iOS app on the devices. There were hundreds of devices, so this was a challenge for each to download and install. So, I took the initiative into looking into Apple’s Content Caching service built into macOS.

Now, just to be clear, this wasn’t caching EVERYTHING… Just Apple App store updates and OS updates.

This is turned on withing System Setting and starts working immediately.

I’m not going to get into the weeds of setting this up, because there’s so much to plan for. But, I’d suggest that you start here. The setting I did change was:

Location and Jailbreak detection

One thing that we haven’t spoken about in some time is Jailbreak detection and Location. There are many elements that we get back from a device, but two of them, Location and Jailbreak must be retrieved from a device using a supplemental application: In this case, the Meraki Systems Manager agent.

HOWEVER, these can only be retrieved from the device if the application is running in the background. If the device has been rebooted, or the application terminated, then we don’t get anything.

One of the other painful, but understandable, aspects of MDM is that you can’t launch an application remote on a mobile device…. But you can!

On both Android and iOS, there’s a capability called Kiosk or Single App mode: Use cases for this are normally unattended devices, like in restaurants, or scanning devices like delivery drivers, etc. And when sending the command to the device to go into kiosk mode will launch the application. You can also send a command to remove kiosk mode from the device too. The great thing about this last point is that the application remains in focus and open!

So, the other capability that using Meraki Systems Manager gives us is the ability to schedule settings. Therefore, we can turn on kiosk mode in the middle of the night and remove it an hour later.

To ensure that this doesn’t impact the registration staff, we can go one step further: after we’ve launched Meraki Systems Manager, an hour later we can relaunch the registration application, Swapcard Go.

SM Kiosk ModeSM Schedule

Systematic ThousandEyes Agent Deployment

ThousandEyes has been a hit at Black Hat. At an event where understanding immediately where issues lie in the network and beyond to ensure a great conference is paramount, the visibility ThousandEyes gives is incredible. Given that, and the complexity of the network here, and given that we have a Mac Mini deployed for caching software updates, as we are using Meraki Systems Manager (SM) for other purposes, I thought I’d take the opportunity to deploy the ThousandEyes Agent using SM.

The other reason is that, whilst we have a considerable amount of cloud and enterprise agents, we had no endpoint agents deployed. However, things are never that easy with software deployment, primarily because you need to provision / configure software once deployed. On mobile devices, this is straightforward, either using settings payloads, or by using Managed Appe Config to configure an app.

On desktop, using MDM, we can normally use things like Managed Plists to do the same thing, but the TE agent does NOT support this. Once installed, we must call the agent with a string.

So, to achieve all this, we can package the agent and command into a package using a command line utility on the Mac called PKGBUILD (more details here).

I also used a guide I’d written for the Meraki Community, available here.

Facts of note:

The Postflight:

#!/bin/bash

# this name will change with each version of the agent

installer -pkg /tmp/Endpoint Agent-x64-1.193.1.pkg -target /

/Applications/ThousandEyes Endpoint Agent.app/Contents/MacOS/te-agent –register “YOURUNIQUESTRING”

exit 0

The command to build the package using PKGBUILD

More details here or watch the video.

Repurposing of Devices for the next show

We were asked if there was anything we could do to leave the devices as they were for the next show. After careful consideration, we decided that we could leave the devices in a state that was amenable to everyone. The major requirement was leaving the Swapcard Go app on the device. But, as the app is provisioned for each show, it’s quite the process to remove configuration and then re-add it….

So, the other thing to note is the options that we have when installing (and removing) an application on a managed iOS device:

Remove with MDM is the interesting one, as it allows us to, rather than WIPING the device at the end of the show, to remove management, including any apps and settings, and their corresponding data.

The problem with this is that this was never a requirement at the start of the show. So, we now need a process in a particular order to facilitate this…. As this is for only a handful of devices:

Deprovision the app from devices by unscoping the application in Meraki Systems Manager
Wait to see this command has completed across all devices
Reprovision the app using MDM again, but with this being a new app install, it will allow the OS to keep the app in situ after an unenrollment
Wait until completed
Unenroll the device

 

Domain Name Service Statistics, by Christian Clasen

Since 2018, we have been tracking DNS stats at the Black Hat Asia conferences.

The historical DNS requests are in the chart below.

With over 18.2M DNS requests made, we had the most to date at an Asia show. We made visibility advancements at the previous year’s Asia conference. Prior to Asia 2023, we were allowing attendees to use their chosen DNS resolvers over our assigned internal Umbrella Virtual Appliances. In coordination with Palo Alto Networks (the conference Firewall provider), we began intercepting and redirecting DNS queries for other resolvers, to force resolution through the Umbrella gear. While this is only effective for plain-text DNS queries and not encrypted protocols like DNS over HTTPS, it never-the-less dramatically increased visibility as evidenced by the numbers in the accompanying charts.

The Activity volume view from Umbrella gives a top-level level glance of activities by category, which we can drill into for deeper threat hunting. On trend with the previous Black Hat Asia events, the top Security categories were Malware and Newly Seen Domains.

In a real-world environment, of the 18.2M requests that Umbrella saw, over 2,000 of them would have been blocked by our default security policies. However, since this is a place for learning, we typically let everything fly.

We also track the Apps using DNS, using App Discovery.

2024: 4,327 apps
2023: 1,162 apps
2022: 2,286 apps

App Discovery in Umbrella gives us a quick snapshot of the cloud apps in use at the show. Not surprisingly, Generative AI (Artificial Intelligence) has exploded over the previous year as a top application.

Umbrella also identifies risky cloud applications. Should the need arise, we can block any application via DNS, such as Generative AI apps, Wi-Fi Analyzers, or anything else that has suspicious undertones.

Again, this is not something we would normally do on our General Wi-Fi network, but there are exceptions. For example, every so often, an attendee will learn a cool hack in one of the Black Hat courses or in the Arsenal lounge AND try to use said hack at the conference itself. That is obviously a ‘no-no’ and, in many cases, very illegal. If things go too far, we will take the appropriate action.

During the conference NOC Report, the NOC leaders also report of the Top Categories seen at Black Hat.

Overall, we are immensely proud of the collaborative efforts made here at Black Hat Asia, by both the Cisco team and all the partners in the NOC.

Black Hat USA will be in August 2024, in Las Vegas. Christian Clasen will lead the Cisco team in the NOC, so follow his blog to see if what happens in Vegas, stays in Vegas.

Acknowledgments

Thank you to the Cisco NOC team:

Cisco Security: Christian Clasen, Shaun Coulter, Aditya Raghavan, Adam Kilgore, Patrick Yong and Ryan Maclennan
Meraki Systems Manager: Paul Fidler and Connor Loughlin
Additional Support and Expertise: Adi Sankar, Robert Harris, Jordan Chapian, Junsong Zhao, Vadim Ivlev and Ajit Thyagarajan

Also, to our NOC partners NetWitness (especially Iain Davidson and Alessandro Zatti), Palo Alto Networks (especially James Holland and Jason Reverri), Corelight (especially Mark Overholser and Eldon Koyle), Arista Networks (especially Jonathan Smith), MyRepublic and the entire Black Hat / Informa Tech staff (especially Grifter ‘Neil Wyler’, Bart Stump, Steve Fink, James Pope, Michael Spicer, Jess Jung and Steve Oldenbourg).

About Black Hat

Black Hat is the cybersecurity industry’s most established and in-depth security event series. Founded in 1997, these annual, multi-day events provide attendees with the latest in cybersecurity research, development, and trends. Driven by the needs of the community, Black Hat events showcase content directly from the community through Briefings presentations, Trainings courses, Summits, and more. As the event series where all career levels and academic disciplines convene to collaborate, network, and discuss the cybersecurity topics that matter most to them, attendees can find Black Hat events in the United States, Canada, Europe, Middle East and Africa, and Asia. For more information, please visit www.blackhat.com. See the press release for Black Hat Asia 2024.

We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Security on social!

Cisco Security Social Channels

InstagramFacebookTwitterLinkedIn

Share

"}]]  Protecting Black Hat Asia NOC with Cisco Security Cloud  Read More Cisco Blogs 

By |2024-05-15T13:55:32+00:00May 15, 2024|Cisco: Learning|0 Comments

Four ways DORA compliance is an opportunity for financial services organizations to accelerate digital transformation on May 15, 2024 at 1:03 pm

The Digital Operational Resilience Act (DORA) offers financial service institutions the chance to enhance operational resilience and competitive advantage through compliance, with Cisco providing a comprehensive suite of solutions to support FSIs in meeting these new regulatory requirements.

​[[{"value":"

This blog is co-authored by Greg Page, Pim Van Riet and Andy Merrick.

Digital services now play a key role in the European economy. The potential catastrophic consequences of these services being compromised has driven the European Commission to introduce The Digital Operational Resilience Act (DORA).

Supported by the right technology partner, financial service institutions (FSIs) can turn compliance into competitive advantage, while hardening operational resilience, across four key areas:

Business continuity in the event of ICT third-party provider disruptions (Multicloud Operations & Service Substitutability).
Business optimization with enhanced telemetry and insights so leaders can make the data driven decisions with confidence (Observability & Data Quality).
Improved operational experience by minimizing downtime through ICT and cyber recovery plans (Back to Health).
Delivering exceptional customer experience by improving service quality, availability, and robustness (Resilience by Design).

How will DORA impact your organization?

From January 2025 FSIs will be required to deliver to a set of criteria, templates, and directives to assure continued delivery of Important Business Services (IBS) to customers. These will check and prove their ability to maintain a proactive stance on security, and ensure they are able to endure, address, and recover from the impact of ICT incidents.

Why is DORA an opportunity to deliver greater resilience?

Cisco believe these regulatory requirements are an opportunity for the financial sector to further implement digital transformation across the enterprise. DORA is a catalyst to move from siloed, fragmented ‘best-of-breed’ approaches to a more holistic strategy driven by top-down cultural change. Supported with agile service delivery practices organizations can proactively and incrementally address evolving business continuity requirements. This marks an opportunity for FSI’s to rethink how they harden their operational resilience through capabilities such as IBS mapping alongside ICT and cyber operational transformation.

How can Cisco partner with you to achieve operational resilience?

Cisco’s portfolio is uniquely positioned to support FSIs in the journey to strengthen cyber resilience, ICT resilient operations, and to map important business services across four key areas:

Multicloud Operations & Service Substitutability to enable business continuity for FSIs in the event of ICT third-party provider disruptions (e.g. cloud provider services). We achieve this through:

Multicloud service automation enabling the journey to any cloud
Digital experience monitoring
Third party risk management assuring ‘substitutability’ of cloud services

Observability & Data Quality by working with FSIs to define IBS entity dependencies. Helping to create dashboards and reports that provide the insights relevant to the different business stakeholders. Key solutions in this area are:

Full-stack observability tooling
Enhancing telemetry & insights, through best-in-class data management and AI generated insights
IT asset management (including software and hardware) for improved accuracy and data hygiene

Back to Health by tailoring and executing ICT and cyber recovery plans. We do so through:

Cyber security simulation (red and purple teaming)
Maturity assessments for capability gap analysis
Resiliency testing and validation as part of the CI/CD delivery pipeline and digital twins

Resilience by Design through driving ICT operational maturity, resulting in improved service quality, availability, and robustness. This can be achieved through:

Improve operational effectiveness through better integration of people process technology and tools
An end-to-end security platform for consistent policy orchestration and implementation. Remediating security related events fast and consistently
Threat Intelligence & Modelling and include a ‘Shift left’ mentality in the development lifecycle.

Putting these key areas into a maturity journey context, we can assess where your organization is with regards to operational resilience. This will help with mutual understanding what is needed to take the next maturity steps as shown in the table below.

We have worked as a trusted partner in helping organizations globally across all verticals to achieve operational resilience. Our extensive experience of helping customers through our comprehensive portfolio of solutions and services can support each FSI’s unique journey to DORA compliance.

Do you want to learn more?

Please get in touch with us if you want to understand how Cisco can help your organization on the journey to achieve DORA compliance, or you want to know more about specific capabilities we can offer to you. We would love to hear directly from you.

Explore all of our solutions at Cisco for Financial Services

Share

"}]]  The Digital Operational Resilience Act (DORA) offers financial service institutions the chance to enhance operational resilience and competitive advantage through compliance, with Cisco providing a comprehensive suite of solutions to support FSIs in meeting these new regulatory requirements.  Read More Cisco Blogs 

By |2024-05-15T13:55:31+00:00May 15, 2024|Cisco: Learning|0 Comments

Using Cisco’s Benefits To Ease Difficult Times: The Bridge To Giving Yourself Grace on May 14, 2024 at 12:00 pm

When Strategy and Planning Manager Wendy S. joined Cisco full-time, she knew she had access to incredible benefits she now leans on for support and well-being.

​[[{"value":"

We plan for the happy things in life: holidays, children’s sports games, birthdays. What we don’t plan for is a catastrophic family event that turns our world upside down. That only happens to other people, right?

That’s what I thought until it happened to us. But as I write this, I am sitting in a hospital chair next to my mom’s bed.

Ten years ago, when I lost my dad after a sudden illness, I worked for a small, privately-owned company and had to take all my personal and vacation time to be at his side as we prepared for his end of life. At the end of the day, I went home and logged onto my work computer to keep up with all the things that happened during the day. Then, I went to sleep and did it all over again the next day.

Fast forward to today, as we deal with my mom’s medical issues. The benefits I have access to at Cisco have made this journey so much easier than the last time. I knew when I became a full-time employee of Cisco that there were amazing benefits, like Time2Give, 80 hours of paid time off in addition to our regular paid time off, allowing us to give back to our communities, and A Day for Me, which is gifted to us from Cisco on a quarterly basis, allowing employees to take a collective day to refresh and relax without depleting personal time off.

But I hadn’t really considered those I’m using the most right now.

First is Cisco’s Critical Time Off benefit. It is paid time off for dealing with a death, illness, or natural disaster without having to worry about work or depleting regular paid time off so we can be there for the people closest to us. With this support, I can sit by her bed like I am right now and talk to doctors and specialists in real-time.

I also navigated Cisco’s Global Wellbeing SharePoint page and was able to access other caregiving benefits to help ease the burden of finding services to help with my mom. Last year, I received help completing paperwork to secure funding for some utility bills. This time, I am leaning heavily on the concierge and consulting services to help research assisted care facilities and available lawyers and search for documents like Power of Attorney and guidance on filing those documents. When I log into my email in the morning, I find they did the research and provided me with a list of the top five elder law attorneys near me, in recommended order, along with notes from initial calls with each lawyer about fees, and services provided. I have also received lists of home care providers in my area and options for meal assistance.

In addition to these outstanding benefits, there have been other sources of comfort and solace as well. My amazing manager always encourages me to put my family first and responds to my weekly check-in reports with support and compassion. My incredible mentor checks in on me every chance she gets and reminds me that while going through times like this, I need to remember to prioritize myself, too. She reminds me that even though I am “offline” at the hospital, it’s perfectly acceptable to go for a walk for some mental wellbeing or visit with my therapist. She reminds me that work will be there, but when everything else seems to be falling apart, as part of a team, the Cisco family rallies. My team is an incredible support system that has rallied to help with phone calls and fill in the gaps every time I have needed them.

Cisco Inclusive Communities — our name for Employee Resource Groups — are another source of strength. I am part of the Mindfulness and Resiliency Network, and having the time carved out to share positive thoughts, meditations, and get support from colleagues from around the world is comforting in ways that are many times indescribable.

It’s extremely difficult to navigate profound personal challenges with managing work, children, and households. I’ve had to accept that I do, in fact, have limitations to my abilities to perform functionally. I am so grateful for the time and space that Cisco has given me to ease this difficult situation and allow me to handle it with far more grace than I ever could on my own.

See the ways Cisco’s benefits and perks go beyond the usual to help employees thrive.

Subscribe to the WeAreCisco Blog.

Share

"}]]  When Strategy and Planning Manager Wendy S. joined Cisco full-time, she knew she had access to incredible benefits she now leans on for support and well-being.  Read More Cisco Blogs 

By |2024-05-14T23:53:57+00:00May 14, 2024|Cisco: Learning|0 Comments

What we learned over coffee at the year’s biggest healthcare event on May 14, 2024 at 7:56 pm

Webex powered our in-booth coffee bar experience at HIMSS 2024 with mobile ordering by Webex Connect. Discover how Webex Connect can power seamless end-to-end patient experiences with the tap of a finger.

​[[{"value":"

Healthcare organizations are dedicated to providing exceptional care, prioritizing the patient’s satisfaction and experience through a patient-centered approach. This approach ensures patients are firmly at the center of their care and engaged in each step, with a critical piece now being adoption of digital patient communications between the patient and their caregiver.

Yet, the path to truly patient-centered care is not without its challenges. Health care organizations struggle with the complexities of achieving cohesion among different health systems, harnessing the predictive power of data analytics to anticipate patient compliance and addressing the persistent inequities that leave some patients struggling to access care.

New research from Webex shows 76% of respondents feel digital communication tools improve the patient experience, although using these tools are not currently a factor in selecting a healthcare provider with 61% still choosing a provider who did not offer digital communications. This indicates that there is still a low level of awareness that patients can engage with healthcare providers as they would in other aspects of their lives, which is important if providers are moving to a value-based care model.

Advanced communications technology made simple

Cloud communications platforms, such as Webex Connect, help healthcare organizations improve their overall patient engagement strategy. Enabling communication across multiple channels and integrating into existing backend systems makes it quick and simple to introduce digital communications into existing processes and apps, supporting a healthcare providers digital transformation and helping to meet their patients on their choice of communication channel.

Webex Connect is helping to overcome these challenges by delivering a more patient-centric, connected experience through strategic partnerships, personalization, and innovative AI-driven insights. If you were at HIMSS2024, you got to experience the power of Webex Connect and how we used it in our mobile ordering coffee bar, but the importance of it in the healthcare realm is the power of easing the communication and journey of the patient and clinician.

What is Webex Connect’s mobile ordering coffee bar experience?

It’s first important to explain that the Webex Connect mobile ordering experience isn’t a smartphone app, unlike many modern retail communication solutions.

The mobile ordering experience at Café Cisco uses the drag-and-drop workflows, third-party systems integrations, and multi-channel digital communications within Webex Connect to connect patients with clinicians for a seamless healthcare experience. In this case, we’ve applied our technology to showcase a mobile ordering experience.

How does Webex Connect’s mobile ordering coffee bar experience work?

We built our mobile-ordering journey to demonstrate what’s possible when you take the best features of rich messaging channels—in this case, Apple Messages for Business and Google Business Messages—to create exciting new digital customer experiences.

The customer journey starts by scanning a QR code that triggers the experience. Using Webex Connect’s intelligent device detection, the customer is instantly offered a diverse drinks menu through either Apple Business Messages or Google Business Messages on their native messaging client.

While the last stage of the ordering process requires customers to personalize their order by inputting their name, this is the first and only time the customer is expected to enter any textual information. Up to this point, they’ve simply been asked to hit pre-populated options. This makes the experience highly accessible and, above all, faster than any app requiring login information.

On the business end, Webex Connect bundles and passes the order information to the relevant order management system (OMS), and, in this case, the barista making the drinks. The barista can even update the order with an approximate wait time, ensuring the customer is kept in the loop through two-way communications.

What’s more, this wait time offers a unique opportunity to send relevant marketing materials to the customer and ask them for their real-time feedback. Café Cisco can even collect contact details, such as an email address, into an integrated CRM to make the customer’s next interaction even quicker. But this experience is just one of countless use cases powered by Webex Connect’s centralized communication platform.

Why Café Cisco matters

Webex Connect’s mobile ordering coffee bar experience is important. This is because whether you’re trying to manage your appointments, refill a prescription or host video consultations, it demonstrates this technology’s near-limitless potential applications to enable automated two-way, digital interactions between patients and their providers.

The key is that it’s end to end, frictionless for the user and has a built-in iterative change methodology that is data centric.  Cisco built a method to report on the workflow so that you know what works and what doesn’t, so that you could improve the experience for your patients and healthcare staff.

Learn more about Webex Connect and how it works alongside the Webex App and Webex Contact Center to enhance healthcare operations.

Share

"}]]  Webex powered our in-booth coffee bar experience at HIMSS 2024 with mobile ordering by Webex Connect. Discover how Webex Connect can power seamless end-to-end patient experiences with the tap of a finger.  Read More Cisco Blogs 

By |2024-05-14T23:53:56+00:00May 14, 2024|Cisco: Learning|0 Comments

Cisco’s Women of the Channel: Empowering Innovation, Leadership, and Success in 2024 on May 13, 2024 at 2:04 pm

I am thrilled to see numerous talented and trailblazing Cisco colleagues featured in CRN's 2024 Women of the Channel List. These women are at the forefront of channel thought leadership, and their dedication to our partners' success is a testament to the exceptional caliber of our partner program.

​[[{"value":"

As CRN unveils their annual Women of the Channel List this May, I am filled with pride and admiration to recognize and celebrate the extraordinary women at Cisco who are driving innovation, leadership, and success within our channel community.

Each year, I am awestruck by the growing number of women worldwide who are being acknowledged for their expertise, dedication, and visionary thinking. These remarkable individuals are not only making their mark in the channel but also breaking down barriers and paving the way for future generations of women leaders. Their contributions are invaluable, and their impact is immeasurable.

As a leader, I firmly believe in the power of role models. When young women see themselves represented in positions of influence and success, it ignites their imagination and expands their horizons. The Cisco leaders named to the 2024 Women of the Channel List embody the spirit of #SeeItToBeIt, and I am incredibly proud to work alongside them every single day. Their presence and achievements serve as a beacon of inspiration for aspiring women in the channel.

Now, let’s take a moment to spotlight the exceptional women who have made this year’s list!

Cisco Women of the Channel Power 100

I’m very proud to acknowledge six incredible leaders who have been named to CRN’s Power 100 List: Alexandra Zagury, VP, Partnerships and Strategy; Elisabeth De Dobbeleer, VP, Cisco Partner Program; Gretchen O’Hara, VP of Worldwide Channels and Alliances at Splunk; Jose van Dijk, VP of EMEA Partner Organization; Luxy Thuraisingam, VP of Global SMB and Partner Marketing; and Rhonda Henley, VP of Americas Partner Organization.

These amazing women are not only driving success within their respective areas but are also paving the way for a new generation of female leaders in the channel. Their insights, vision, and influence are truly remarkable, and I couldn’t be more proud to work alongside them as we continue to transform the ecosystem and create new opportunities for our partners and customers alike.

I want to emphasize that this recognition is not possible without the unwavering support and collaboration of our partners. Your success is the driving force behind our commitment to be bold, innovate, and evolve in ways that amplify the impact we create together. Our collective strength and synergy are more crucial than ever before.

Cisco 2024 Women of the Channel

Beyond the Power 100 List, I am thrilled to see numerous other talented and trailblazing Cisco colleagues featured in CRN’s 2024 Women of the Channel List. These women are at the forefront of channel thought leadership, and their dedication to our partners’ success is a testament to the exceptional caliber of our partner program. Their recognition also highlights the seamless alignment between Cisco’s partner, marketing, and sales organizations, all working in unison to serve our partners and customers.

Alba San Martin Piaggio, Senior Director, LATAM Partner Organization
Alexa Trifilo, Director, Global Collaboration Partner Engineering
Alexandra Zagury, VP, Partnerships & Strategy – Power 100
Alexandra Della Sera, Leader, Cybersecurity Partner Sales Specialists
Alicia Lorenzetti, Global Ecosystem & Marketplace Leader
Alison Stahl, Director, Americas Security Partner Organization
Amy Bahlo, Global Partner Executive
Amy Smith, Director, Americas Collaboration Partner Sales
Anita Kotagiri, Chief of Staff to SVP Global Partner and Routes to Market Sales
Annemieke Pot, Global Security Business Development Manager
Annie Shain, Global SP Sales Leader for Meraki
Ashley Grosfeld, Senior Manager, Global SMB & Partner Marketing
Ashley Tokotch, Software Acceleration Business Development Manager
Barbara Bauer, Leader, Global Partner Sales Engagement & Business Operations
Betsy Cook, Global Channel Incentives Leader
Catherine Taylor, Director, Americas Cloud Infrastructure & Software Channel Sales
Cathy Holmes, Director, Americas Service Provider Partner Sales
Charlotte Dolan, EMEA Sales Manager
Cheryl Sheer, Senior Leader, CX Partner Success Strategy & Planning
Christina Jovanovic, Senior Leader, CX Partner Success Strategy & Planning
Christine Otts, Director Partner Demand and Acceleration & Chief of Staff
Courtney Gulley, Leader, East Security Partner Sales
Dana Miller, Sr. Leader, Global Security Partner Marketing
Dayna O’Byrne, Senior Leader, Global Security Partner Sales
Deborah Wong, Leader, CX Partner Sales & Lifecycle Practice
Doris Lim, Sales Business Development Manager, APJC Distribution
Elaine Goodman, Global Leader, Agency Sales
Elisabeth De Dobbeleer, Vice President, Cisco Partner Program – Power 100
Emily Foley, Leader Global Marketing & Communications, Cisco Capital
Erin McCaslin, Director, Partner Sales Organization
Eva Lutz, Leader, Partner Go-To-Market
Grace Lo, Global Director, Business Development
Gretchen O’Hara, VP, Worldwide Channels & Alliances at Splunk – Power 100
Gwendolyn Brantley, Leader, Partner Software & Services Sales
Heather Collins, Director, Ecosystem Partners
Jeanne Quinn, Senior Director, Partner Engagement & Program Mktg
Jennifer Craine, Senior Director, Software and Services
Jennifer Keating, Director, Partner Sales Organization
Jennifer Carle, Senior Partner Program Manager, Global Channel
Jennifer Powell, Manager, SLED Channel Sales at Splunk
JoAnn Tillman, Leader, Partner Engagement Campaign Strategy
Johanna Riley, VAR Specialist Leader, EMEA Collaboration Channels
Jose Van Dijk, VP, EMEA Partner Organization – Power 100
Julie Thomas, Senior Director, Global Partner Program & Incentives
Katherine Hannah, Cisco Global Sustainability Lead, Global Partner & Route to Market Sales
Kathryn Spitz, Leader, Cloud Partner Sales – Americas
Kathy Saye, Leader, Partner Sales
Kedra Simm, Director, Partner Program Strategy & Development
Kim Pasche, VP Sales, EMEA Global Virtual Sales
Kimberly Todd, Leader, CX Partner Communications
Kristyn Hogan, Vice President, Global Collaboration Partner Sales
Lindsay Moore, Chief of Staff and GTM Acceleration Lead, Americas Security Partner Organization
Lisa Hunter, Director, Partner Managed and as-a-Service Sales
Lisa Stifelman-Perry, Director, Global Partner Experience Operations at Splunk
Lisette Sanchez, Director of Partner Sales at Cisco AppDynamics
Lori Traylor, Leader, Partner Software & Services Sales
Luxy Thuraisingam, VP, Global SMB & Partner Marketing – Power 100
Mae Forsythe, Senior Director, Public Sector Partner Sales at Splunk
Marisa Metcalf, Head of Global Channel Sales, Service Provider- BT Account
Marta Cabezas, GVSE – Global Channel Strategy & Planning Leader
Mechelle Buys du Plessis, Senior Director, Global Partners
Michelle McCrea, Leader, Partner Sales – US Distribution
Poonam Advani, Director, Global Distribution Sales
Rachel Forke, Senior Director, Partner Strategy & Planning
Rebecca Javens, Director, Americas Channel at Cisco ThousandEyes
Rhonda Henley, VP, Americas Partner Organization – Power 100
Sharon Price, Director, Cisco Partner Program
Shawn Carrigan, Senior Manager Co-Sell Acceleration, Global Partner & Routes to Market Sales
Shenna Johnson, Leader, Global Distribution Marketing
Stephanie Reaves, Leader, Partner Digital Marketing
Szabina Huttner, Strategy and Planning Manager, Partner Routes-to-Market & Sales
Tabitha Jones, Leader, Americas Collaboration Partner Sales
Vanessa Kranjcevic, Director of Partner Sales, Strategy & Planning – Americas Distribution
Victoria Varau, Leader, Global Partner and Routes to Market Sales
Wendy Davis, Global Partner Advocacy Leader, Global Partner and Routes to Market Sales
Winnie Zeliger, Senior Leader, CX Partner Success

To all the Cisco Women of the Channel leaders and the many other remarkable women in the industry who made the list, I extend my heartfelt congratulations. Your achievements inspire us all, and I am incredibly proud to be part of an organization that values and empowers women in the channel.

I invite everyone to join me in celebrating these outstanding women. Share your congratulations and support in the comments below and across your social media channels. Let’s amplify their voices, showcase their successes, and continue to foster an inclusive and diverse channel community where every individual has the opportunity to thrive.

Together, we are stronger, and together, we will continue to drive innovation, growth, and success in the channel.

See the full CRN Women of the Channel 2024 list here!

We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with #CiscoPartners on social!

Cisco Partners Facebook  |  @CiscoPartners X/Twitter  |  Cisco Partners LinkedIn

Share

"}]]  I am thrilled to see numerous talented and trailblazing Cisco colleagues featured in CRN's 2024 Women of the Channel List. These women are at the forefront of channel thought leadership, and their dedication to our partners' success is a testament to the exceptional caliber of our partner program.  Read More Cisco Blogs 

By |2024-05-13T22:49:47+00:00May 13, 2024|Cisco: Learning|0 Comments
Go to Top