2024: Domino Containers - The Next Step. News from the Domino Container commu...
Security at the Speed of the Network
1. Security at the Speed of the Network:
Automating and Accelerating Security
Through SDN and NfV
BRKSEC-2760
Hantzley Tauckoor – CISSP #472723, CCDE #2015::43
Consulting Systems Engineer – MANO & Programmability
Global Virtual Engineering, Cisco Systems
3. • Security from the Service Provider perspective
• Putting SDN/NFV to work – DDoS
• Automating Security in the SP Data Centre
• Generating new revenue streams with hosted security services
• SDN & NFV Infrastructure Security
• Summary
Agenda
4. • Security from the Service Provider perspective
• Putting SDN/NFV to work - DDoS
• Automating Security in the SP Data Centre
• Generating new revenue streams with hosted security services
• SDN & NFV Infrastructure Security
• Summary
Agenda
6. Trends: New Opportunities …
The world has gone mobile Traffic growth, driven by video
Rise of cloud computing Machine-to-Machine
Changing
Customer
Expectations Ubiquitous Access
to Apps & Services
10X Mobile Traffic Growth
From 2013-2019
Changing Enterprise
Business Models
Efficiency & Capacity
Soon to
Change SP
Architectures/
Service Delivery
Emergence of the Internet of Everything
Process ThingsPeople Data
PetabytesperMonth
Other (43%, 25%)120,000
100,000
80,000
60,000
40,000
20,000
0
Internet Video (57%, 75%)
2013 2014 2015 2016 2017 2018
23% Global
CAGR
2013- 2018
Dynamic Threat Landscape
Increasing Threat Sophistication
Risks to Service Providers
and Their Customers
8. 2015 Verizon Data Breach Investigations Report
Compromise
Detection
~ 84% of initial
compromises
completed within
hours
~ 65% of initial
compromises
undetected for
months
9. Legacy Security: Costly & Complex
Siloed
Inefficient
Manual
Limited integration, security gaps
Hard-coded processes
Over-provisioned, static, and slow
Hinders
realization of
open and
programmable
networks
10. SDN Automation: The Speed of The Network
AFTER
DURING
Threat
Analytics
VisibilityControl
BEFORE
11. How Automated Are You Today?
AFTER
DURING
Threat
Analytics
VisibilityControl
BEFORE
Automated Manual
12. Managing The Threat Lifecycle
Protecting the Infrastructure and Offering Elastic Managed Services
Orchestration
VMS
Cloud Services Orchestration
Real Time application of the right
service, in the right place, at the right
time
Quantum WAVE
WAN Orchestration
Real time topology and service
health information
BEFOREControl
Enforce
Harden
DURING AFTERDetect
Block
Defend
Scope
Contain
Remediate
Attack Continuum
Firewall
NGFW
NAC + Identity Services
VPN
UTM
NGIPS
Web Security
Email Security
Advanced Malware Protection
Network Behaviour Analysis
Visibility, Context, Autonomics and BCPs
DDoS Visibility/Mitigation Services
Forensic Analytics
HSS
UBIqube – MS Activator
Security Domain Management
13. Anatomy of the SP network
Access Service Edge
Mobile
Residential
Business
Aggregation/
Transport
CoreData Center
Enterprise WAN
CMTS, DSLAM
Cell Site Router
Video Dist
MACsec
Volumetric DDoS
VPN
FW, VPN,
CGNAT, NGIPS,
AMP
Mobile Inspection
Security
Features
MACsec, FW,
VPN, NGIPS, AMP
App DDoS
FW, VPN,
NGIPS, AMP,
Volumetric DDoS
App DDoS
SP Security Best Practices - http://tools.cisco.com/security/center/serviceProviders.x?i=76
14. Security for Open & Programmable Networks
Applications
& Services
Evolved
Programmable
Network
Cisco Services
Storage NetworkCompute
Service Broker
SMART
SERVICE
CAPABILITIES
OPENAPIsOPENAPIs
OPENAPIsOPENAPIs
Security
Evolved
Services
Platform Orchestration
Engine
Catalog
of Virtual
Functions
Service
Profile
Benefits:
• New Revenue Streams
• Increased Business Agility
• Lower Operating Costs
Cisco Service Provider Architecture
16. Programmability Across Multiple Controllers
App
APIC Controller
App
Data Centre
APIC-EM / WAE Controller
Threat Defense
Security Policy
Service Orchestrator
Campus / WAN
17. A Plethora of Controllers
APIC
Cloud Orchestration
Objective: Extend OpenStack
Neutron’s networking model with
new policy APIs
Openstack “Sister-project” to group
based policy in OpenDaylight
SDN Controller
Under Linux Foundation
Security extensions
Common vendor supported framework
WAE
Traffic Optimization
Monitor for path
constraint violations
Automate network
changes to ensure
path compliance
Service Chaining
Application Network
Flow Profile
SLA, Security, QoS,
Load Balancing
User/Things Network
Profile
QoS, Security, SLA,
Device, Location, Role
Open Source
Projects
Data Center Campus WAN
VTS
Overlay Automation
18. Offering
Service
System
Product
HW Appliance Virtualise existing functions SAAS-based
solutions
Implementation
Can be leveraged to
offer SAAS
SP infrastructure
services transitioning to
NFV
SP
Video
GWs
CPE
Mobile
services
Ent
Managed
Services
IAAS
Transition to All-virtualised Services?
Drivers:
• Reducing total
OpEx and CapEx
• Increased service
velocity and
agility
• Increasing
revenue
SP
Video
GWs
CPE
Mobile
services
Ent
Managed
Services
L2 / L3
VPN
IAAS
All SP services are virtualising …
Some services move straight to
SAAS
HCS
Scansafe
Webex2
SDVPN
SP
Video
HCS
19. Network Function Virtualization
• Movement of Network functions to the cloud
• Control, services and data plane components
• NFV is not applicable to all network applications
• However most service functions are in the frame
• High performance plumbing is not at the moment
• NFV is an architecture rather than simply
virtualizing functions
• Virtual services, compute
• service chaining, overlays
• Orchestration and redirection
• Covered a number of use cases
See also: http://www.etsi.org/deliver/etsi_gs/NFV/001_099/002/01.01.01_60/gs_NFV002v010101p.pdf
21. Summary: The Building Blocks
Service
Orchestration
Traditional
Orchestration
Automation, provisioning and interworking
of physical and virtual resources
NFVSDN
SDN
Separation of control and data plane,
controllers
NFV
Network functions and software running
on any open standards-based hardware
Traditional
Distributed control plane components,
physical entities
22. • Security from the Service Provider perspective
• Putting SDN/NFV to work - DDoS
• Automating Security in the SP Data Centre
• Generating new revenue streams with hosted security services
• SDN & NFV Infrastructure Security
• Summary
Agenda
23. Putting SDN/NFV to Work:
Security Services Virtualization
& SDN DDoS Mitigation
27. Distributed Denial of Service Attack Mitigation
Controller
DoS
Traffic
Statistics Traffic
Redirection
28. Distributed Denial of Service Attack Mitigation
Controller
DoS
Traffic
Statistics Traffic
Redirection
29. Cisco ASR 9000 vDDoS Protection
Arbor Networks
Threat Management System (TMS)
ASR 9000 with
Virtual Services Module (VSM)
Cisco ASR 9000
vDDoS Protection
“Powered By Arbor Networks”
Architectural
Superiority
Unified
Management
Scalable
Performance
Reduced
OPEX
Flexible
Deployment
30. ASR 9000 vDDoS Solution Components
Virtualized
Arbor Peakflow
SP
ASR
9000
ASR
9000
VSM running
vDDoS SW
Licenses
• Virtualized Peakflow SP
Collects Flow records
Detects abnormal network behavior
and trigger alerts
Can influence the routing, injecting
BGP routes in the network
Supports BGP FlowSpec as a
Controller
Sets up and monitors the TMS
remotely
• Virtual DDoS SW (running on A9K VSM)
Configured by SP, receives diverted
traffic and proceeds to in-depth packet
analysis
Discards the attack packets and
transmits the legit ones
Provides real-time monitoring info to
operators
DDoS
Detection
DDoS
Mitigation
31. How Peakflow works?
Peering
Point
Core
Router
PE
Enterprise A
Enterprise B
Arbor Peakflow
SP6000
PE
Peering
Point
ASR 9K
ACL
ACL
2 – Volumetric DDoS: ACL, BGP FlowSpec
1 – Anomaly detection
3 – L4-L7 DDoS: redirect to ASR 9K for intelligent mitigation
4 – Identify and filter
the malicious
requests
5 – Forward
the legitimate traffic:
GRE, MPLS, …
Enterprise C
37. Cisco DDoS Positioning
SP
SP
Radware
Defense Pro
Threat
Defense
Firepower
9300
Radware
Vision
SP Scrubbing Center
Various 3rd Party Options for
Hosted : Arbor Cloud, Radware
Cloud, Prolexic /Akamai
Radware
Defense Pipe
• Complete DDoS system can be complemented
w/Cisco Lancope Threat Defense
SP Edge Router Based DDoS with ASR –
• (Volumetric) on ASR 9K + VSM+ Arbor TMS Peak
Flow . SP Backbone detection and mitigation
SP ASR PE
w/PeakFlow
MSSP Services
• Various 3rd Party Options for Hosted Services
Firepower
9300
Mobile
users
SP Mobility Edge w/FP 9300
and Radware DDoS
Applications,
Services &
Databases
Data Center
Data Center FW Based DDoS with Firepower 9300
• Firepower 9300 + SM running Radware Defense Pro
• Application Attack detection and mitigation
38. Recap - Cisco DDoS Offerings for Service Provider
• DDoS target is bandwidth
• Volumetric attacks
• Part of SP Clean Pipes solution
• Traffic diverted to scrubber
within router backplane
• Clean traffic reinjected locally
• Additional Arbor products can
protect enterprise assets
• DDoS target is firewall and
devices behind it, NOT
bandwidth
• vDP sits inline and sees all
traffic going to firewall
• Other Radware capabilities in
the cloud can help with
bandwidth-based attacks
Arbor TMS on ASR9k Radware vDP on FP9300
39. • Security from the Service Provider perspective
• Putting SDN/NFV to work - DDoS
• Automating Security in the SP Data Centre
• Generating new revenue streams with hosted security services
• SDN & NFV Infrastructure Security
• Summary
Agenda
41. Programmable NetworkProgrammable FabricApplication Centric
Infrastructure
DB DB
Web Web App Web App
VxLAN-BGP EVPN
standard-based
3rd party controller support
Modern NX-OS with enhanced
NX-APIs
Automation Ecosystem
(Puppet, Chef, Ansible etc.)
Common NX-API
across N2K-N9K
Turnkey integrated solution with
security, centralized management,
compliance and scale
Automated application centric-policy
model with embedded security
Broad and deep ecosystem
Cisco SDN: Providing Choice in Automation and Programmability
Mass Market
(commercial, enterprises, public sector)
Service Providers Mega Scale Datacenters
VTS for software overlay
provisioning and management
across N2K-N9K
42. Introducing Application Centric Infrastructure
Application
Network Profile
Orchestration
Frameworks
Hypervisor
Management
OVM
Systems
Management
Centralized Policy Management
Open APIs, Open Source,
Open StandardsAPIC
Fabric
Automation Enterprise
MonitoringACI
Ecosystem
Partners
End Points
Physical &
Virtual
Physical
Networking
Nexus 2K
Nexus 7K
Hypervisors and
Virtual Networking
Compute L4–L7
Services
Storage Multi DC
WAN and Cloud
Integrated
WAN Edge
43. Typical Service Chain
• Full abstraction within the service chain
• Every device only knows its function and exchanges packets with the fabric as instructed
• High degree of modularity with low coupling, specific devices are interchangeable
• ACI maintains flow symmetry through the same device instance
SSL Firewall
Policy rules, NAT, Inspection
IPS
Analyzer
EPG
“Users”
EPG
“Web”
EPG
“Files”
44. ACI and OpenStack
OpenStack
Orchestration
Cisco ACI
Controller 1 Controller 2 Controller 3
Hypervisor
Multi-vendor
Open Source
APIC Plugins
APIC
Nexus 9000
Open vSwitch
OpFlex
Project 2
v
m
v
m
v
m
v
m
Hypervisor
vm4
Project 1 Project 2 Project 3
vm5
vm6
vm3
vm4 vm4
vm5
vm6
Hypervisor
vm4
Project 1 Project 2 Project 3
vm5
vm6
vm3
vm4 vm4
vm5
vm6
Project 1
v
m
v
m
v
m
v
m
Project 3
v
m
v
m
v
m
v
m
Plugin Plugin Plugin
OpFlex OpFlex
45. Virtual Topology System (VTS) Introduction
Automated
DCI / WAN
VM
OS
VM
OS
NX-API
Netconf/
YANG
Physical ToR
Virtual
Overlay DCI/WAN
Bare Metal
workload
Virtualized
workload
BGP-EVPN VXLAN Fabric
VTS
VTS for overlay provisioning and management across Virtual Overlays and Physical Fabric
(Cisco Nexus & multivendor)
Flexible Overlays
Open and Programmable
Automated
Scalable VXLAN Mgmt.
Seamless Integration with Orchestrators
Automated Overlay Provisioning
Automated DCI/WAN Integration
REST-Based Northbound APIs
Multi-protocol Support
Multi-hypervisor Support
MP-BGP EVPN Control Plane
Virtual Tenant Networks
High Performance Virtual Forwarding
Physical and Virtual Overlays
Bare-metal and Virtualized Workloads
Service Chaining
VMware vCenter
REST API
GUI
Cisco Network
Services Orchestrator
(Tail-f)
46. • Security from the Service Provider perspective
• Putting SDN/NFV to work - DDoS
• Automating Security in the SP Data Centre
• Generating new revenue streams with hosted security services
• SDN & NFV Infrastructure Security
• Summary
Agenda
48. Evolution of Security Services
CloudHybridCPE Managed
CPE
SP
IPS WEB EMAIL MALWARE CONTEXT
W W W
NGFW VPN IPS WEB EMAIL MALWARE CONTEXT
SWITCHING NAT DHCP AP VOICE ROUTING
W W W
SWITCHING AP VOICE
SWITCHING AP VOICEROUTING
NAT DHCP NGFW VPN
NGFW VPN IPS WEB
EMAIL MALWARE CONTEXT
W W W
NAT DHCP ROUTING
Premise to Cloud
50. Cloud Based Security Service Offerings
Cisco Managed Security Cloud SP Hosted Security Cloud
VPN, FW, NGFW, NGIPS, AMP,
Web Security, Email Security
as a Service
NGFW VPN IPS WEB
EMAIL MALWARE CONTEXT
W W W
Cloud Web Security (CWS)
Cloud Email Security (CES)
WEB EMAIL
W W W
Pre-Packaged NFV
Security Service Bundles
(vMS)
A La Carte Hosted Security
as a Services (HSS)
SP/MSSP Resell
to Enterprises
SaaS or Hosted
51. Hosted Security as a Service Architecture
51
Security Service Examples:
FWaaS – Firewall as a Service
VPNaaS – Virtual Private Networking as a
Service
NGFW/IPSaaS – Next Generation Firewall and
Intrusion Prevention System as a Service
WSaaS – Web Security as a Service
ESaaS – Email Security as a Service
IDaaS – Identity as a Service
DDoSaaS – Distributed Denial of Service as a
Service
INFRA-
STRUCTURE
Hypervisor
Compute
Storage
SERVICES
LAYER
WSaaS
FWaaS
Tenant 1
ESaaS
WSaaS
FWaaS
Tenant 2
FWaaS
IDaaS
Tenant 3
ORCH.
LAYER
Policy Analytics Reporting
NGFW/IPSaaS VPNaaS
52. Feature Category
Service Tiers
Bronze Silver Gold
NAT Address Translation
Stateful Inspection
High Availability
Advanced Management
Firewall-aaS Tiers Example
Included
BEFORE DURING AFTER
53. Category Feature
Service Tiers
Bronze Silver Gold
NAT Address Translation NAT / PAT
Stateful Inspection
L3 firewall
Transparent firewall
Proxy authentication
Application hosting private zone
Application control (IM, peer to peer)
Voice security support
High availability
Within SP data centre
Between SP data centres
Management
Customer self service portal
Streamlined management
Auto generated reporting
Custom reporting
Data log retention (1 month)
Extended data log retention (> 1 month)
Firewall-aaS Tiers Example
Included
Option
Reference
Slide
BEFORE DURING AFTER
54. Feature Category
Service Tiers
Bronze Silver Gold
Customer site to Cloud IPSec VPN service
Remote Access VPN
High Availability
Advanced Management
VPNaaS Tiers Example Tiers Example
Included
Reference
Slide
BEFORE DURING AFTER
55. Feature Category
Service Tiers
Bronze Silver Gold
Real Time Threat Protection Services
Acceptable Use Services
Policy Control
High Availability
Advanced Management
Web Security-aaS Tiers Example
Included
Reference
Slide
BEFORE DURING AFTER
56. Feature Category
Service Tiers
Bronze Silver Gold
Inbound Email Protection
Outbound Email Protection
Policy control
High availability
Advanced Management
Email Security-aaS Tiers Example
Included
Reference
Slide
BEFORE DURING AFTER
57. Feature Category
Service Tiers
Bronze Silver Gold
Application Visibility and Control (NGFW)
Threat Protection (NGIPS)
High Availability
Advanced Management
NGFW/IPSaaS Tiers Example
Included
Reference
Slide
BEFORE DURING AFTER
65. vMS (CloudVPN) at a Glance
65
INFRA-
STRUCTURE
KVM
Compute
Storage
SERVICES
LAYER
IPSv
ASAv
Tenant 1
ESAV
WSAV
CSR1Kv
Tenant 2
vDDoS
ASAv
Tenant 3
ORCH.
LAYER
Policy
Net+Svc. Analytics Reporting
CSR1kv CSR1Kv
• Rapid provisioning/Ops Portal
• Standard YANG models
• All customer data lives inside the SP Cloud
environment
• Appliance plus Virtual Services chained
together
• Orchestration of Network + Service Topology
• Service lifecycle management + elasticity +
workload placement
• IPv6 deployed here
SP existing
orchestration,
reporting, billing
infrastructure
• Provisioning
API
• Reporting API
• Billing APIProvisioning
Svc. Lifecycle
Mgt.
66. vMS Architecture
A Deeper Look
VR_CSR
OpenStack
(virt infra mgr)
NSO
(VNF-O)
Create
Deliver
Operate
Optimize
cisco
Service Design
My DeploymentsMy Designs
Deploy
Deployment Wizard
Select Scope
Engineering
New Folder
Testing
End-User
Portal
Cloud Service
IP Network
Data Centre
BSS
Systems
VFW_vASA
ESC
virt infra
Lifecycle
(VNF-M)
confd
service
models
device
models
fastmap
O/S
component
APIs
reactive
fastmap
Config &
Operation
ISR
Create
Deliver
Operate
Optimize
cisco
Service Design
My DeploymentsMy Designs
Deploy
Deployment Wizard
Select Scope
Engineering
New Folder
Testing
Operator
Portal
RESTCONF / UICONF
x86 MPLS WAN
NEDs
SDN
Controller
67. VMS Release 2.0: Delivering Comprehensive Cloud VPN Services
CPE
Cust-A
CPE
Cust-A
CPE
Cust-B
ASA
Over The Top
Access
Flex-VPN
Internet
VR
VR ASA
CPE
Cust-C
CPE
Cust-C
NSO – NFV Orchestrator
Cloud VPN Services
• 3 Service Models for Enterprise deployment flexibility:
• CloudVPN Foundation
• CloudVPN Advanced
• CloudVPN Advanced w/Web Security
• vIPS option for both Advanced and Advanced
w/Web Security
• CSR1Kv: Virtual Router for Site-to-Site VPN with Secure
IP Overlay using FlexVPN/IKEv2 for IPSec Tunnels
• ASAv: vFW with NAT and Policy (*)
• ASAv: vFW with IPSec/SSL Remote Access (*)
• WSAv for Enhanced Web Security (*)
Management and Orchestration
• Enterprise Admin Service Interface (Portal) driven service
instantiation
• Zero-Touch Deployment of enterprise CPE (ISR G2)
• Model driven Network Services lifecycle management with
Network Service Orchestrator (NSO) from Tail-f
• VNF lifecycle management with Elastic Services
Controller (ESC)
• Virtual Infrastructure Management with Openstack
featuring: OVS and ODL/VPP as SDN Controllers
Advanced
VR
Foundation
CPE
Cust-B
ESC – VNF Manager
WSA
Advanced w/Web Security
PnP RFS VirTo RFS
API
CPE Managed
Orchestration Link
Foundation Service
Direct Internet Access via
“Split Tunnel”
Access Model:
Flex-VPN Links
IPSEC VPN
Service Access
vRouter
Internet Access/
Remote Access
Openstack – Virtual Infrastructure Manager
68. vMS Service Bundles
• (1) Internet Access (IA), FWaaS, VPNaaS
CSR1kv, vASA with NAT, FW, RA.
• (2) IA, FWaaS, VPNaaS and WSaaS
CSR1kv, vASA, vWSA
• (3) IA, FWaaS, VPNaaS and Next-Gen IPSaaS
CSR1kv, vASA, vWSA, vNG-IPS(SourceFire)
• 4) IA, FWaaS, VPNaaS and IdentityaaS
CSR1kv, vASA, vISE with NAT, BYOD, Policy, TrustSec
• (5) IA, FWaaS, VPNaaS and ESaaS
CSR1kv, vASA, vESA
• (6) IA, FWaaS, VPNaaS and DDoSaaS
Flexibility for other variations based on marketing needs
70. • Security from the Service Provider perspective
• Putting SDN/NFV to work - DDoS
• Automating Security in the SP Data Centre
• Generating new revenue streams with hosted security services
• SDN & NFV Infrastructure Security
• Summary
Agenda
72. SDN Security Components
Security
Application
Third Party
Application
IdentitySecurity
Network
Services
Service Abstraction Layer
Open
Flow
Netconf I2RS Security
Plugin
pxGrid
SDN
Security
Infrastructure
Cisco Cloud
Threat Defence
SDN
Applications
Identity
Services
Engine
Next Generation Defence Centre, PRSM, CSM…
Visibility
CLI
74. Security Services Through SDN
Audit
Recording
Monitoring
Inspection
Rate Limiting
DDoS Scrubbing
Quarantine
Active Web Firewall
Blocking
Effective
Timely
Non-invasive
75. Network Controller Reconciles Mitigations Against
The Needs of Mission-critical Applications
Mitigations
from
Security
System
Application
and
Network
Requirements
76. Threats to an SDN System
Controller
App 1 App 2 App 3
Spoofing
Rogue
DoS Attacks
77. Threats to an SDN System
Controller
App 1 App 2 App 3
Hardening
Secure Provisioning
Authentication
Authorisation/RBAC
Integrity
Secure Storage
Audit
78. • Security from the Service Provider perspective
• Putting SDN/NFV to work - DDoS
• Automating Security in the SP Data Centre
• Generating new revenue streams with hosted security services
• SDN & NFV Infrastructure Security
• Summary
Agenda
80. Considerations
How automated is your
telemetry capture?
How automated is your
threat analysis?
Are you limited by
privacy considerations?
What actions are you
willing to take in real
time?
What actions should be
one-click for a security
analyst?
What type of SDN can
you use?
How SDN-ready is your
network?
SDN security?
Detection SDNResponse
81. Summary
• SP Security concerns
• How traditional products/solutions are embracing SDN/NfV
• Security automation in the SP DC
• Revenue generating security solutions for SP
• SDN & NFV Infrastructure Security
• Is there “One” solution to tackle security end-to-end at the “speed of the
network” ?
• The reality is, each use case is different.
• Technology, People, Processes
• The key enabler “Automation”, through the use SDN, programmability, APIs, NFV…
82. Related Cisco Live Sessions
• BRKRST-1014 - Introduction to Software-Defined Networking (SDN) and Network Programmability
• BRKSPG-3616 - SDN and NFV for Service Providers
• BRKSDN-2040 - SDN Controllers - A Use Case Driven Approach to the Options
• BRKSDN-2065 - Cisco Virtual Managed Services (vMS)
• BRKSPG-2619 - Cisco Evolved Programmable Networks
• BRKSEC-3010 - Firepower 9300 Deep Dive
• BRKSEC-1205 - Introduction to DC Security
• BRKSDN-1119 - Device Programmability Options with APIs
• BRKSEC-2005 - The Internet of Things: A Double-Edged Sword. How Can You Embrace it Securely?
83. Where to go next?
• Other complementary security solutions:
• OpenDNS
• Lancope
• Cloud Web Services
• CliQr
• Demos in the Cisco World of Solutions
• Walk-in Self-Paced Labs
• DevOps & DevNet Sessions
• Meet the Engineer 1:1
85. Complete Your Online Session Evaluation
Learn online with Cisco Live!
Visit us online after the conference
for full access to session videos and
presentations.
www.CiscoLiveAPAC.com
Give us your feedback and receive a
Cisco 2016 T-Shirt by completing the
Overall Event Survey and 5 Session
Evaluations.
– Directly from your mobile device on the Cisco Live
Mobile App
– By visiting the Cisco Live Mobile Site
http://showcase.genie-connect.com/ciscolivemelbourne2016/
– Visit any Cisco Live Internet Station located
throughout the venue
T-Shirts can be collected from Friday 11
March at Registration
86. • Session Managers – Robert Page, Usen Tulemisov, Stefan Avgoustakis
• Previous BRKSEC-2760 presenters – Mike Geller, David McGrew, Ken Beck
• Collaborators – Kerry Loveless, Sam Rastogi, Siruo Yu, Mike Geller, Albra Welch
Thanks…